legal-ocr

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a JavaScript (JXA) wrapper scripts/convert.js that executes the Python backend via app.doShellScript. It correctly uses shell quoting for all arguments to prevent command injection from user-provided file paths or URLs.
  • [DATA_EXFILTRATION]: The skill reads local document files and transmits their contents to external OCR APIs (MinerU and PaddleOCR). While this involves sending data to remote servers, it is the documented and intended behavior for an OCR service. Users should ensure they trust the configured OCR endpoints.
  • [EXTERNAL_DOWNLOADS]: The scripts download OCR results, ZIP archives, and associated image assets from the API providers (e.g., mineru.net) and from remote URLs when a URL is provided as input for conversion.
  • [REMOTE_CODE_EXECUTION]: The Python scripts use __import__('sys') within localized functions to access stderr. This is a common and benign pattern for accessing standard streams in specialized utility functions and does not represent a security risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 08:05 AM
Security Audit — agent-trust-hub — legal-ocr