paddleocr-text-recognition

Fail

Audited by Socket on Mar 3, 2026

1 alert found:

Malware (HIGH)
SKILL.md

Not overtly malicious based on the provided instructions alone, but the policy contains multiple high-risk operational choices that materially increase the chance of credential exposure and data exfiltration: asking users to paste API credentials into chat and auto-configuring them, forcing uploads to an external OCR endpoint (including allowance for arbitrary/similar domains), and mandating printing the full OCR output unredacted. Recommend: do not paste secrets into chat; verify and hardcode trusted OCR endpoint(s) or use an allowlist; inspect scripts/ocr_caller.py and scripts/configure.py before running; add safeguards to require explicit user confirmation before uploading files and before displaying long or potentially sensitive OCR outputs; implement secure storage/rotation for tokens. If the scripts cannot be audited, avoid using this skill for sensitive documents.

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Mar 3, 2026, 06:45 PM
Package URL: pkg:socket/skills-sh/aidenwu0209%2Fpaddleocr-skills%2Fpaddleocr-text-recognition%2F@81caa5bd49d27e8bea45189f9a80b9c96887f622