code-ocr
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill documentation repeatedly instructs the agent to execute a Python script located at a specific, hardcoded local path (`C:\Users\12556\.claude\skills\code-ocr\scripts\code_ocr.py`).
  - Evidence: The skill relies on `python "C:\Users\12556\...\code_ocr.py" <image_path>`, which runs a local executable with user-provided or agent-defined file paths.
  - Context: While intended for OCR, this pattern can be abused if the script itself is malicious, or if the path arguments are used to read or overwrite sensitive files (e.g., passing `--save-json` a path inside a system directory).
- [DATA_EXPOSURE] (LOW): The skill requires users to set environment variables (`BAIDU_API_KEY`, `BAIDU_SECRET_KEY`) containing sensitive API credentials.
  - Evidence: Instructions include `setx BAIDU_API_KEY "your_api_key"`.
  - Risk: `setx` persists these keys in the user's environment, where any other process or script running as that user can read them if they are not properly managed.
- [REMOTE_CODE_EXECUTION] (SAFE/INFO): The script interfaces with Baidu's OCR API. While it sends data to a remote service, it does not appear to download or execute remote code in an untrusted manner based on the provided markdown.
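The COMMAND_EXECUTION and DATA_EXPOSURE findings both come down to how the script handles its inputs: where `<image_path>` may point, where `--save-json` may write, and how the Baidu credentials are read. The following is an added example of the argument handling a hardened wrapper around that invocation pattern would need; it is not the skill's own code and not part of the audit. It assumes the script takes a positional `<image_path>` and a `--save-json <path>` option, as quoted above; the directory names `images` and `ocr_output`, and the helper names, are illustrative.

```python
"""Hardened argument handling for the code_ocr.py invocation pattern.

Added example, not the skill's own code. Assumes the script takes an
<image_path> positional argument and a --save-json <path> option, as the
audit quotes; directory names and helper names below are illustrative.
"""
import argparse
import os
from pathlib import Path
from typing import Mapping, Optional, Tuple

# Illustrative allow-list: the OCR script should only be pointed at image files.
IMAGE_SUFFIXES = {".png", ".jpg", ".jpeg", ".bmp", ".webp"}


def confine_path(candidate: str, base_dir) -> Path:
    """Resolve `candidate` (following symlinks and `..`) and require the result
    to stay inside `base_dir`; raise ValueError if it escapes."""
    base = Path(base_dir).resolve()
    target = Path(candidate)
    if not target.is_absolute():
        target = base / target
    target = target.resolve()
    if target != base and base not in target.parents:
        raise ValueError(f"path escapes {base}: {candidate!r}")
    return target


def is_confined(candidate: str, base_dir) -> bool:
    """True when confine_path accepts the path, False when it would escape."""
    try:
        confine_path(candidate, base_dir)
    except ValueError:
        return False
    return True


def validate_image_path(candidate: str, image_dir) -> Path:
    """The input must sit under image_dir and carry an image extension, so the
    script cannot be handed an arbitrary file (a config or credential file)."""
    target = confine_path(candidate, image_dir)
    if target.suffix.lower() not in IMAGE_SUFFIXES:
        raise ValueError(f"not an image file: {candidate!r}")
    return target


def validate_json_output(candidate: str, output_dir) -> Path:
    """The --save-json destination must stay under output_dir and end in .json,
    which rules out overwriting files in a system directory."""
    target = confine_path(candidate, output_dir)
    if target.suffix.lower() != ".json":
        raise ValueError(f"--save-json target must be a .json file: {candidate!r}")
    return target


def load_baidu_credentials(env: Mapping[str, str]) -> Tuple[str, str]:
    """Read BAIDU_API_KEY / BAIDU_SECRET_KEY from `env` (normally os.environ).
    Fail closed when either is missing or blank, and never echo the values."""
    try:
        api_key, secret = env["BAIDU_API_KEY"], env["BAIDU_SECRET_KEY"]
    except KeyError as missing:
        raise RuntimeError(f"missing credential variable {missing.args[0]}") from None
    if not api_key.strip() or not secret.strip():
        raise RuntimeError("BAIDU_API_KEY / BAIDU_SECRET_KEY must be non-empty")
    return api_key, secret


def parse_args(argv, image_dir, output_dir) -> Tuple[Path, Optional[Path]]:
    """Parse the script's arguments and confine both paths before any I/O."""
    parser = argparse.ArgumentParser(prog="code_ocr.py")
    parser.add_argument("image_path")
    parser.add_argument("--save-json", dest="save_json", default=None)
    ns = parser.parse_args(argv)
    image = validate_image_path(ns.image_path, image_dir)
    out = validate_json_output(ns.save_json, output_dir) if ns.save_json else None
    return image, out


if __name__ == "__main__":
    import sys

    img, out = parse_args(sys.argv[1:], Path("images"), Path("ocr_output"))
    key, secret = load_baidu_credentials(os.environ)
    # The actual Baidu OCR request would go here; the validated paths are now
    # safe to open and write, and the credentials were never printed.
    print(f"would OCR {img} and write {out}")
```

Both `confine_path` checks compare fully resolved paths, so `..` segments and symlinks that point outside the allowed directory are rejected the same way; a plain string-prefix check on the unresolved argument would not catch either.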
Audit Metadata