Security audit

sjht doubao text to image

Security checks across malware telemetry and agentic risk

Overview

This skill uses Doubao/Volcengine to generate images and save a local gallery, which matches its stated purpose, but users should be aware of prompt privacy and API cost implications.

Install only if you are comfortable sending image prompts to Doubao/Volcengine and using an ARK API key that may incur charges. Avoid secrets or sensitive personal data in prompts, review count and worker settings before batch generation, and prefer environment or local .env key storage over putting keys in chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding
The skill declares only Read/Write/Bash, but its documented behavior clearly includes network access to an external API, reading secrets from environment variables and a local .env file, and writing output files. This mismatch weakens user and platform transparency, making it easier for a caller to invoke data egress and local file writes without an accurate permission signal.

Missing User Warnings

Medium
Confidence: 95%
Finding
The setup and run instructions explain how to use the API key, but they do not warn users that prompts are transmitted to a third-party image-generation service and that local output files are created. This creates an informed-consent and privacy risk, because sensitive prompts or regulated data could be sent externally and persisted on disk without the user realizing it.

Vague Triggers

Medium
Confidence: 89%
Finding
Trigger phrases such as '帮我画一张' ("draw me one"), '生成一张' ("generate one"), and '画个图' ("draw a picture") are broad, common expressions that can appear in ordinary conversation. Over-broad invocation increases the chance that the agent loads this skill unintentionally, causing unexpected network calls, API-key usage, and file creation from casual user language.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding
The instructions tell the agent to translate prompts into English when deemed helpful, without asking the user first. This can alter meaning, leak user content through additional transformation steps, and violate user expectations or platform language-handling policy, especially for sensitive or nuanced prompts.

VirusTotal

65/65 vendors flagged this skill as clean.