Chinese Bedtime Story Generator

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears aligned with its stated purpose, but it uses external LLM/TTS services, API keys, and a local story state file that users should understand before installing.

Before installing, be comfortable providing API keys and sending the child name, age, interests, and generated story text to the configured LLM/TTS services. If privacy is important, use minimal personalization, choose trusted endpoints, and delete the generated outputs/story_state.json when finished.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill may consume quota or access on the configured LLM/TTS provider accounts.

Why it was flagged

The skill uses API credentials for LLM and TTS provider calls. This is expected for the stated function, but users should know they are granting provider-account access.

Skill content

LLM_API_KEY = os.environ.get("STORY_LLM_API_KEY", os.environ.get("IME_MODEL_API_KEY", "")); ... headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}

Recommendation

Use dedicated, least-privilege API keys where possible and revoke or rotate them if you stop using the skill.

What this means

Personalization details about a child and the resulting story text may be processed by third-party services.

Why it was flagged

The script sends prompts and story text to external LLM/TTS endpoints. This is purpose-aligned, but the child name, age, interests, and generated story content can leave the local environment.

Skill content

OpenAI(api_key=api_key, base_url=LLM_BASE_URL, timeout=LLM_TIMEOUT); ... requests.post(TTS_URL, headers=headers, json=payload, timeout=TTS_TIMEOUT)

Recommendation

Only use providers you trust, review their privacy terms, and avoid entering sensitive child details if that data should not be sent externally.

What this means

Story continuity data and child personalization details may remain on disk after use.

Why it was flagged

The documented story_state.json stores child personalization fields and continuation state for reuse across runs. This persistence is part of the serial-story feature.

Skill content

"child_name": "小明", "age": 5, "interests": "恐龙,太空", ... "current_episode": 1

Recommendation

Review or delete the outputs/story_state.json file when you no longer want continuity or stored child details.

What this means

Future installs could receive newer dependency versions with different behavior.

Why it was flagged

Dependencies are specified with minimum versions rather than pinned exact versions. The packages are expected for this skill, but unpinned ranges reduce install reproducibility.

Skill content

openai>=1.30.0
requests>=2.31.0
python-dotenv>=1.0.0

Recommendation

For more reproducible installs, pin and review dependency versions in a lockfile or controlled environment.