glmocr-table

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill communicates exclusively with the official ZhiPu AI API endpoint at https://open.bigmodel.cn/api/paas/v4/layout_parsing, ensuring that user data and API keys are not redirected to unauthorized third-party domains.
  • [SAFE]: The ZHIPU_API_KEY is managed through environment variables rather than hardcoded strings, following recommended practices for secure secret management.
  • [SAFE]: The CLI script (scripts/glm_ocr_cli.py) implements standard OCR functionality using known libraries (requests) and does not utilize dangerous functions like eval(), exec(), or arbitrary subprocess calls.
  • [SAFE]: Indirect Prompt Injection Surface: The skill extracts content from external images and PDFs.
      ◦ Ingestion points: File paths or URLs provided as arguments to scripts/glm_ocr_cli.py.
      ◦ Boundary markers: Not explicitly defined in output display rules.
      ◦ Capability inventory: The skill can write JSON results to local files using the --output parameter.
      ◦ Sanitization: Extracted text is returned without modification.
    This surface is characteristic of OCR-related tools and is not exploited by the skill code.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 02:45 AM
Security Audit — agent-trust-hub — glmocr-table