multi-lang-ocr
Fail
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill dynamically generates and executes a Swift script using the
swiftinterpreter viasubprocess.runto perform OCR on macOS. - [REMOTE_CODE_EXECUTION]: The Swift script is constructed using f-string interpolation of the
image_pathparameter without sanitization. An attacker can provide a file path containing double-quotes and Swift commands to execute arbitrary logic on the host machine. - [EXTERNAL_DOWNLOADS]: The skill instructs users or the agent to download and install the
rapidocr-onnxruntimepackage from the public PyPI registry for cross-platform OCR support.
Recommendations
- AI detected serious security threats
Audit Metadata