Volcengine Ai Entry Ark
PassAudited by ClawScan on May 1, 2026.
Overview
This is a straightforward instruction-only ARK API starter; the main cautions are that it uses an ARK API key and sends prompts to Volcengine.
This skill is reasonable to install if you intend to use Volcengine ARK. Before using it, prepare a scoped ARK API key, confirm the endpoint and region, avoid placing secrets in prompts, and redact Authorization headers and sensitive request content from troubleshooting logs.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using this skill may provide an ARK API key that can authorize model calls and incur usage under that account.
The skill requests a provider API key. This is expected for Volcengine ARK invocation, but API keys are high-value credentials and the registry metadata does not declare a primary credential or required environment variable.
## Inputs to Collect - `ARK_API_KEY`
Use a dedicated, least-privilege ARK key where possible, avoid exposing it in chat history or logs, and rotate it if it is accidentally shared.
Prompts, model endpoint IDs, and API authentication are sent to the Volcengine ARK service when the template is used.
The request template sends the authorization token and message content to Volcengine's ARK endpoint. This external provider flow is disclosed and aligned with the skill's purpose.
curl https://ark.cn-beijing.volces.com/api/v3/chat/completions \ -H "Authorization: Bearer $ARK_API_KEY" ... "messages": [
Only send data you are allowed to process with Volcengine, verify the endpoint region/domain, and redact API keys or sensitive prompt content from any retained support logs.