Security Audit

paddleocr-doc-parsing

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 3 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

paddleocr-doc-parsing received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unsanitized user input in 'cat' command leads to command injection, Unsanitized user input in output redirection leads to command injection.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.

Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

55%

Behavioral Risk Signals

Filesystem Write

2 findings

Shell Execution

2 findings

Dynamic Code

2 findings

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Unsanitized user input in 'cat' command leads to command injection The script directly uses the user-provided 'input_file' argument within a 'cat' command without proper sanitization or quoting. An attacker can inject shell metacharacters (e.g., ';', '`', '$()') into 'input_file' to execute arbitrary commands. For example, providing 'document.jpg; rm -rf /' as input would attempt to delete the root directory. Validate 'input_file' to ensure it's a safe path and does not contain shell metacharacters. Consider using a safer method to read file content that does not involve direct shell execution of the filename, or strictly sanitize the input path to prevent injection.	LLM	scripts/paddleocr_parse.sh:90
HIGH	Unsanitized user input in output redirection leads to command injection The script uses the user-provided 'output_file' argument directly as the target for output redirection (' > "$output_file"'). An attacker can inject shell metacharacters (e.g., '\| command', '$(command)') into 'output_file' to execute arbitrary commands or manipulate file operations. For example, providing '-o "result.json \| malicious_command"' could execute 'malicious_command'. Validate 'output_file' to ensure it's a safe filename and path. Avoid directly using user-supplied strings in shell redirection without thorough sanitization. Ensure the filename does not contain directory traversal attempts ('../') or shell metacharacters.	LLM	scripts/paddleocr_parse.sh:147

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/0482af20ffb1eba1.svg)](https://skillshield.io/report/0482af20ffb1eba1)