Seedream Volcengine

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Volcengine image-generation wrapper, but users should understand that prompts, image inputs, and optional web-search context leave the local machine.

Install only if you are comfortable sending selected prompts, reference images, and generated-image requests to Volcengine. Prefer VOLC_API_KEY over passing keys on the command line, avoid sensitive or regulated content unless approved, use --web-search only when external lookup is acceptable, and verify the uv installation method from a trusted source.

Publisher note

Single-script Python skill, PEP 723 self-contained (executes with uv run). Only external dependency: requests>=2.31.0. API key passed via environment variable, no hardcoded credentials. No network listening, no file writing, no subprocesses, no eval/exec. MIT-0 license, no third-party code introduced.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill documentation indicates use of environment variables for API keys and network access to Volcengine and remote image URLs, but no permissions are declared. This creates a transparency and policy-enforcement gap: users or hosting platforms may not realize the skill can access secrets and transmit data externally, increasing the risk of unintended credential use or outbound data exposure.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The README advertises a web-search feature but does not disclose that prompts, search terms, or related request context may be sent to external services. This creates a real privacy/transparency issue because users may unknowingly submit sensitive data to third parties when using the feature.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill supports web search and accepts remote image URLs, but the documentation does not clearly warn users that prompts, search terms, and referenced image data may be sent to external services. In an image-generation skill, this is especially relevant because user prompts or images may contain sensitive personal, commercial, or copyrighted material, and web search adds another external data flow.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The reference states that the model may autonomously perform web searches based on prompt content, but it does not warn that prompt-derived data may be transmitted to external search services. In an agent skill, users may include sensitive or proprietary information in prompts; enabling web search without explicit disclosure and gating can cause unintended data exposure beyond the primary image API.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script sends the user's prompt and any provided reference image data to Volcengine's remote image-generation API, but it does not present a clear runtime warning or consent step before transmitting potentially sensitive content off-host. In an agent-skill context, users may assume local processing, so this omission can cause unintended disclosure of private prompts, images, or embedded metadata to a third-party service.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
When web search is enabled, the script adds a search tool to the request without clearly warning that prompt context may be relayed beyond the core image API to external search or retrieval services. This expands the data-sharing surface and can expose sensitive user intent, names, locations, or other context contained in prompts.

External Script Fetching

Low
Category
Supply Chain
Content
3. Install [uv](https://docs.astral.sh/uv/) (Python package runner):
   ```bash
   curl -LsSf https://astral.sh/uv/install.sh | sh
   ```

### OpenClaw Installation
Confidence
97% confidence
Finding
curl -LsSf https://astral.sh/uv/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
3. Install [uv](https://docs.astral.sh/uv/) (Python package runner):
   ```bash
   curl -LsSf https://astral.sh/uv/install.sh | sh
   ```

### OpenClaw Installation
Confidence
98% confidence
Finding
| sh

VirusTotal

VirusTotal findings are pending for this skill version.
