image-ocr
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected in the skill instructions or code snippets. The skill serves as a library of best-practice implementations for OCR tasks.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing standard, well-known libraries from official registries (PyPI, NPM) such as pytesseract, easyocr, paddleocr, and official cloud SDKs from Google, AWS, and Anthropic. These are recognized as well-known technology providers.
- [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized data transmission patterns were found. The implementation examples demonstrate the use of environment variables for secure authentication with cloud providers, such as GOOGLE_APPLICATION_CREDENTIALS.
- [PROMPT_INJECTION]: The skill correctly manages the attack surface for Indirect Prompt Injection by providing sanitization logic and guidance:
  - Ingestion points: External images and PDF files processed via multiple OCR engines in SKILL.md.
  - Boundary markers: Not explicitly defined in code templates, but the rules section advises treating OCR output as unvalidated text.
  - Capability inventory: Uses standard OCR libraries and cloud APIs for data extraction without granting excessive system privileges.
  - Sanitization: Includes a clean_ocr_text function employing regular expressions to remove non-printable characters, normalize whitespace, and correct common OCR misreads.
Audit Metadata