seedance-2-video-gen

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate EvoLink video-generation skill, but it needs Review because it encourages risky API-key handling and can persist the key in plaintext shell files.

Install only if you are comfortable using EvoLink as an external video-generation provider. Do not paste API keys into normal agent chat; set EVOLINK_API_KEY through a secure environment or secret mechanism instead. Avoid the installer option that writes the key to shell startup files unless you accept plaintext dotfile storage and know how to remove or rotate the key later. Do not submit sensitive prompts, private media URLs, internal endpoints, or privileged signed URLs unless you intend to share them with EvoLink.
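The following is an added example, not code from the skill, its README, or this scan report. It shows the two habits the paragraph above asks for: reading EVOLINK_API_KEY only from the process environment (never from a chat message or argv), and auditing shell startup and history files for the plaintext line an installer option may have written. The regular expression, the dotfile list and the sample file content are assumptions; the EvoLink key format is not known, so any non-blank value after the assignment is treated as a key.

```python
"""Added example: load the EvoLink key from the environment only, and audit
shell startup files for plaintext copies. Not part of the skill or report."""
import os
import re
from pathlib import Path

# Assumption: the installer option writes `export EVOLINK_API_KEY=<value>`.
# The pattern also accepts the unexported and quoted forms, a commented-out
# copy, and zsh extended-history lines (": <ts>:0;export EVOLINK_API_KEY=...").
KEY_EXPORT_RE = re.compile(
    r'(?:^|[\s;])(?:export\s+)?EVOLINK_API_KEY\s*=\s*["\']?(?P<value>[^"\'\s#]+)'
)

# Common startup and history files; adjust to the shell in use (assumption).
DEFAULT_STARTUP_FILES = (
    "~/.bashrc", "~/.bash_profile", "~/.profile", "~/.zshrc", "~/.zprofile",
    "~/.bash_history", "~/.zsh_history",
)


def mask(secret):
    """Keep a 4-character prefix so the audit output cannot re-leak the key."""
    return secret[:4] + "..."


def load_api_key(env=None):
    """Return the key from the process environment. It is deliberately not
    read from argv, a prompt or a chat message, so it never enters the
    conversational context the agent logs and forwards."""
    env = os.environ if env is None else env
    key = env.get("EVOLINK_API_KEY", "").strip()
    if not key:
        raise RuntimeError(
            "EVOLINK_API_KEY is not set: export it from a secret manager in "
            "the launching shell instead of pasting it into the agent chat"
        )
    return key


def find_plaintext_keys(lines_by_file):
    """Return (file, line_no, masked_value) for each plaintext assignment."""
    hits = []
    for name, lines in lines_by_file.items():
        for no, line in enumerate(lines, start=1):
            m = KEY_EXPORT_RE.search(line)
            if m:
                hits.append((name, no, mask(m.group("value"))))
    return hits


def audit_startup_files(paths=DEFAULT_STARTUP_FILES):
    """Run the audit over the real dotfiles that exist on this machine."""
    contents = {}
    for p in paths:
        path = Path(p).expanduser()
        if path.is_file():
            contents[str(path)] = path.read_text(errors="replace").splitlines()
    return find_plaintext_keys(contents)


def strip_plaintext_keys(lines):
    """Return the lines with the assignment removed. After writing the file
    back, rotate the key at the provider: it was stored in plaintext and may
    already be in backups or shell history."""
    return [line for line in lines if not KEY_EXPORT_RE.search(line)]


# Constructed sample dotfile content (not a real key).
SAMPLE_BASHRC = [
    "# ~/.bashrc",
    "alias ll='ls -la'",
    'export EVOLINK_API_KEY="evk-EXAMPLE-0000000000"',
    "export PATH=$HOME/bin:$PATH",
]

if __name__ == "__main__":
    for hit in find_plaintext_keys({"sample ~/.bashrc": SAMPLE_BASHRC}):
        print("plaintext key in %s line %d (%s)" % hit)
    for hit in audit_startup_files():
        print("plaintext key in %s line %d (%s)" % hit)
```

Removing the line from the dotfile is only half the fix: the value has already been on disk (and possibly in backups or history), so rotate the key at EvoLink after cleaning up, and export the new one from a secret manager into the shell that launches the agent.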

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (12)

Missing User Warnings

Severity: Low
Confidence: 90%
Finding
The README tells users to export an API key and even suggests telling the OpenClaw agent the key directly, but it does not warn that secrets may be captured in shell history, agent conversation history, logs, or telemetry. In an agent-integrated skill, this is a real secret-handling weakness because users may expose credentials to the very system processing untrusted prompts and tool outputs.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The README explicitly tells users to provide their EvoLink API key to the OpenClaw agent for configuration, but gives no warning about handling secrets safely. In an agent-based environment, this can expose credentials to logs, chat transcripts, third-party model providers, or other tools the agent can access, increasing the risk of credential leakage and unauthorized API usage.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The README tells the user to say to the agent "Configure my EvoLink API key to ...", which encourages sending a secret in plaintext in the conversation. In an agent context, that secret can be logged, exposed to other tools/plugins, stored in history, or shown in traces, increasing the risk of the API key being compromised.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The README explicitly tells users to provide an API key to the agent in natural language ('set the EvoLink API key to ...') without any warning about secret handling, storage, logs, chat history, or third-party telemetry. In an agent-skill context, this is risky because users may paste live credentials into conversations that can be retained, exposed to plugins/tools, or surfaced in debugging and audit logs.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The README explicitly tells users they can give the agent their EvoLink API key directly so it can set it automatically. In an agent-skill context, this encourages disclosure of a sensitive credential to an automated system without warning about storage, logging, prompt history retention, or exposure to other tools/plugins, which increases the chance of credential leakage or misuse.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The README explicitly instructs users to tell the OpenClaw agent their EvoLink API key ('Set my EvoLink API key to ...') without any warning about how the agent stores, logs, transmits, or scopes secrets. In an agent ecosystem, this can expose credentials through chat history, telemetry, tool logs, screenshots, or unintended prompt/context leakage, making the guidance unsafe even though it appears convenience-motivated rather than malicious.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The README explicitly tells users to give their EvoLink API key to the agent ("set my API key to ...") without warning that the secret may be exposed to the model, stored in chat history, logged by the agent framework, or forwarded to third-party tools. In an agent skill context, this is more dangerous than ordinary documentation because users are being encouraged to place long-lived credentials directly into conversational context rather than secure environment or secret storage.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The README explicitly tells users they can give their EvoLink API key directly to the OpenClaw agent, but provides no warning about secret handling, logging, prompt history retention, or third-party exposure. In an agent context, asking users to paste credentials into chat increases the risk that the key is stored in transcripts, leaked via tool calls, or exposed to plugins, making this more dangerous than ordinary CLI documentation.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The README explicitly tells users to give their EvoLink API key directly to the OpenClaw agent, which can expose the credential to the agent runtime, skill logs, chat history, plugins, or other connected tools. In an agent-skill context, this is more dangerous than normal documentation because the agent may persist, relay, or misuse secrets across tools and sessions.
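The findings above all describe the same failure: a live key typed into the chat ends up in transcripts, tool logs and telemetry. The following is an added example, not code from the skill or the report, of the minimum an agent framework should do before it persists or forwards a transcript: redact the key using the README phrasing the findings quote ("Set my EvoLink API key to ...") and the environment-variable form. The patterns, the loose "next non-space token" value match and the sample transcript are assumptions, since the provider's key format is not known.

```python
"""Added example: redact an API key pasted into agent chat before the
transcript is logged or forwarded. Not part of the skill or report."""
import re

# Patterns derived from the README phrasing the findings quote
# ("Set my EvoLink API key to ...") plus the environment-variable form.
# The provider's key format is not known, so the value is matched loosely
# as the next run of non-space characters (assumption).
SECRET_PATTERNS = [
    re.compile(r"(?i)(evolink\s+api\s+key\s+(?:to|is|=|:)\s*)(?P<secret>\S+)"),
    re.compile(r"(EVOLINK_API_KEY\s*=\s*[\"']?)(?P<secret>[^\"'\s]+)"),
]
REDACTED = "[REDACTED]"


def redact(text):
    """Return (redacted_text, number_of_secrets_replaced)."""
    total = 0
    for pattern in SECRET_PATTERNS:
        text, n = pattern.subn(lambda m: m.group(1) + REDACTED, text)
        total += n
    return text, total


def sanitize_transcript(turns):
    """Redact every (role, content) turn and return the indices of turns that
    carried a secret, so the session can be flagged for key rotation: the
    model provider and any tool that ran already saw the original text."""
    cleaned, flagged = [], []
    for i, (role, content) in enumerate(turns):
        new_content, n = redact(content)
        cleaned.append((role, new_content))
        if n:
            flagged.append(i)
    return cleaned, flagged


# Constructed transcript (not a real session or key).
SAMPLE_TURNS = [
    ("user", "Set my EvoLink API key to evk-EXAMPLE-123456 and generate a clip"),
    ("assistant", "Running: export EVOLINK_API_KEY='evk-EXAMPLE-123456'"),
    ("user", "Make a 5 second video of a sunrise"),
]

if __name__ == "__main__":
    cleaned, flagged = sanitize_transcript(SAMPLE_TURNS)
    for role, content in cleaned:
        print(f"{role}: {content}")
    print("turns needing key rotation:", flagged)
```

Redaction only protects what is written after the fact. By the time this runs, the model provider, the tool that executed the export, and any plugin with access to the context have already seen the key, so a flagged turn should trigger rotation rather than be treated as contained. The loose value match will also redact an innocent word after "API key to" (for example "the"), which is the safer direction of error for a log sanitizer.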

Vague Triggers

Severity: Medium
Confidence: 80%
Finding
The instruction to proactively greet the user and immediately start setup broadens activation beyond clear user intent. That can cause the skill to solicit credentials or begin an external-service workflow without a sufficiently specific request, increasing the chance of unwanted data disclosure or accidental use of paid API operations.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill does not prominently warn users that prompts, images, videos, and audio may be transmitted to EvoLink's external API. This omission undermines informed consent and can expose sensitive media or confidential prompt content to a third party, especially in reference-to-video mode where user-supplied files may contain personal or proprietary information.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The documentation explicitly instructs users to provide externally accessible media URLs and optional callback URLs, but it does not warn that doing so discloses those resources and associated metadata to a third-party service. In an agent skill context, this can cause users to unknowingly expose private files, signed URLs, internal webhook endpoints, or sensitive infrastructure details to the vendor.
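The following is an added example, not code from the skill or the report, of the pre-flight check the last two findings imply: before a media URL or callback URL is handed to the external provider, flag the cases a user is unlikely to intend to disclose (pre-signed object-store URLs, plaintext http, embedded credentials, and loopback, RFC 1918 or internal hostnames). The list of signature query parameters, the internal-domain suffixes and the sample URLs are assumptions; public DNS names are not resolved, so a name that points at a private address is not caught.

```python
"""Added example: pre-flight check on media and callback URLs before they are
handed to an external video provider. Not part of the skill or report."""
import ipaddress
from urllib.parse import parse_qs, urlparse

# Query parameters that usually carry a pre-signed authorization. This list is
# an assumption covering common object stores, not an exhaustive catalogue.
SIGNED_URL_PARAMS = {
    "x-amz-signature", "x-amz-credential", "x-goog-signature",
    "sig", "se", "sv", "signature", "token",
}
# Hostname suffixes that mark infrastructure a vendor should never learn about
# (assumption; extend with your own internal zones).
INTERNAL_SUFFIXES = (".local", ".internal", ".corp", ".lan")


def is_private_host(host):
    """True for loopback, RFC 1918 / link-local addresses and internal names.
    Public DNS names are not resolved here, so a name that resolves to a
    private address is not caught (known limitation)."""
    if not host:
        return True
    if host == "localhost" or host.endswith(INTERNAL_SUFFIXES):
        return True
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:
        return False


def check_url(url, role="media"):
    """Return the reasons this URL should not be submitted as-is (empty = OK)."""
    problems = []
    u = urlparse(url)
    if u.scheme not in ("http", "https"):
        problems.append(f"{role}: unsupported scheme {u.scheme!r}")
    elif u.scheme == "http":
        problems.append(f"{role}: plaintext http, the object and its URL are visible in transit")
    if u.username or u.password:
        problems.append(f"{role}: credentials embedded in the URL")
    if is_private_host(u.hostname):
        problems.append(
            f"{role}: host {u.hostname!r} looks internal; it discloses "
            "infrastructure and is unreachable for the vendor"
        )
    params = {k.lower() for k in parse_qs(u.query, keep_blank_values=True)}
    signed = sorted(params & SIGNED_URL_PARAMS)
    if signed:
        problems.append(
            f"{role}: pre-signed URL ({', '.join(signed)}); whoever holds it "
            "can fetch the object until it expires"
        )
    return problems


def preflight(media_urls, callback_url=None):
    """Check every media URL and the optional callback; return all problems."""
    problems = []
    for m in media_urls:
        problems.extend(check_url(m, "media"))
    if callback_url:
        problems.extend(check_url(callback_url, "callback"))
    return problems


# Constructed sample inputs (no real hosts, buckets or signatures).
SAMPLE_MEDIA = [
    "https://cdn.example.com/public/clip.mp4",
    "https://bucket.example.com/private/ref.png?X-Amz-Credential=AKIAEXAMPLE&X-Amz-Signature=deadbeef",
    "http://10.0.4.12/media/ref.png",
]
SAMPLE_CALLBACK = "https://hooks.corp.internal/evolink/done"

if __name__ == "__main__":
    for p in preflight(SAMPLE_MEDIA, SAMPLE_CALLBACK):
        print("WARN", p)
```

A flagged URL is not necessarily wrong to send; the point is that the user makes that choice knowingly. For reference media, a short-lived signed URL scoped to the single object is the least bad option; for callbacks, use a dedicated public endpoint rather than an internal webhook, since the vendor must reach it and will record it either way.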

VirusTotal

56/56 vendors flagged this skill as clean.
