Skills
skills/zai-org/glm-skills/glmocr-sdk/Gen Agent Trust Hub

glmocr-sdk

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [SAFE]: No malicious patterns or deceptive instructions were detected.
  • [EXTERNAL_DOWNLOADS]: The skill requires the glmocr Python package, which is a legitimate library from the author zai-org.
  • [CREDENTIALS_UNSAFE]: The skill uses environment variables and .env files for authentication, adhering to standard security practices for managing the ZHIPU_API_KEY.
  • [COMMAND_EXECUTION]: Document parsing is handled via the glmocr CLI, which is the intended interface for the provided functionality.
  • [DATA_EXFILTRATION]: Document content is processed via the Zhipu cloud API, which is the documented and necessary behavior for the OCR service.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 02:45 AM
Security Audit — agent-trust-hub — glmocr-sdk