Back to skill

Security audit

seedream-img-gen

Security checks across malware telemetry and agentic risk

Overview

This is mostly a normal Seedream image-generation skill, but it needs review because its setup instructions can expose a Volcengine API key.

Install only if you intend to use Volcengine Seedream. Do not run `echo $ARK_API_KEY`; use a non-revealing check instead, keep the key private, monitor quota/billing, and install the Python dependencies from trusted sources in an isolated environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger text is overly broad because it activates not only for explicit Seedream requests but for essentially any image-generation request. That can cause the agent to route unrelated image tasks into a skill that reads environment variables and makes external network calls, expanding exposure beyond the user's clear intent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill tells users to export an API key directly in the shell without warning that it is sensitive or advising secure handling. This increases the risk of accidental credential disclosure through shell history, screen sharing, logs, copied commands, or reuse in unsafe contexts.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.