Volcengine Ai Text Ark Chat

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Volcengine ARK chat API helper that discloses its network request and API key use.

Install only if you intend to use Volcengine ARK. Keep ARK_API_KEY scoped and private, and avoid sending secrets, sensitive personal data, or proprietary content in prompts unless that is acceptable under your Volcengine account and data-handling terms.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

External Transmission

Medium

Category: Data Exfiltration
Content: ## Minimal Request Template ```bash curl https://ark.cn-beijing.volces.com/api/v3/chat/completions \ -H "Authorization: Bearer $ARK_API_KEY" \ -H "Content-Type: application/json" \ -d '{
Confidence: 60% confidence
Finding: curl https://ark.cn-beijing.volces.com/api/v3/chat/completions \ -H "Authorization: Bearer $ARK_API_KEY" \ -H "Content-Type: application/json" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal