Trust Assessment
smart-ocr received a trust score of 77/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include Unpinned Dependencies in Installation Instructions and Potential Server-Side Request Forgery (SSRF) via URL Fetching.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Server-Side Request Forgery (SSRF) via URL Fetching** The skill demonstrates fetching images from URLs using `requests.get`. If the URL is user-controlled without proper validation, an attacker could manipulate the skill to make requests to internal network resources, sensitive endpoints, or other external services. This could lead to information disclosure, port scanning, or other network-based attacks (SSRF). Although this is an example, it highlights a common vulnerability pattern for skills that interact with external URLs. Implement strict URL validation to ensure only allowed domains and protocols are accessed. Consider using a whitelist of allowed URLs or domains. Implement network access controls and timeouts to prevent abuse. Limit the size of fetched content to prevent denial-of-service attacks. | LLM | SKILL.md:200 |
| MEDIUM | **Unpinned Dependencies in Installation Instructions** The installation instructions recommend installing Python packages without specifying exact versions. This can lead to supply chain risks, as future versions of these packages might introduce vulnerabilities, breaking changes, or be subject to malicious takeovers. It is best practice to pin dependencies to specific versions to ensure reproducible and secure environments. Pin all dependencies to specific versions (e.g., `pip install paddlepaddle==X.Y.Z paddleocr==A.B.C`). Use a `requirements.txt` file with pinned versions for better management. | LLM | SKILL.md:301 |
| MEDIUM | **Unpinned Dependencies in Installation Instructions** The installation instructions recommend installing Python packages without specifying exact versions. This can lead to supply chain risks, as future versions of these packages might introduce vulnerabilities, breaking changes, or be subject to malicious takeovers. It is best practice to pin dependencies to specific versions to ensure reproducible and secure environments. Pin all dependencies to specific versions (e.g., `pip install pdf2image==X.Y.Z Pillow==A.B.C`). Use a `requirements.txt` file with pinned versions for better management. | LLM | SKILL.md:307 |