legal-ocr
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a JavaScript (JXA) wrapper
scripts/convert.jsthat executes the Python backend viaapp.doShellScript. It correctly uses shell quoting for all arguments to prevent command injection from user-provided file paths or URLs. - [DATA_EXFILTRATION]: The skill reads local document files and transmits their contents to external OCR APIs (MinerU and PaddleOCR). While this involves sending data to remote servers, it is the documented and intended behavior for an OCR service. Users should ensure they trust the configured OCR endpoints.
- [EXTERNAL_DOWNLOADS]: The scripts download OCR results, ZIP archives, and associated image assets from the API providers (e.g.,
mineru.net) and from remote URLs when a URL is provided as input for conversion. - [REMOTE_CODE_EXECUTION]: The Python scripts use
__import__('sys')within localized functions to accessstderr. This is a common and benign pattern for accessing standard streams in specialized utility functions and does not represent a security risk.
Audit Metadata