ClawHub
Back to skill

Security audit

Seedance2 Gen Video

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Volcengine Seedance video-generation helper that uses the expected API key, SDK, prompts, and asset URLs for that purpose.

Install only if you are comfortable using Volcengine’s cloud API. Treat prompts, public media URLs, and generation settings as data sent to a third party, avoid sensitive or unauthorized media, keep ARK_API_KEY private, and be aware that the pip install may alter your Python environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill explicitly depends on the ARK_API_KEY environment variable and instructs execution in a shell, but the metadata does not clearly declare environment-variable access as a permission/sensitive capability. This can mislead reviewers and users about what secret material the skill may access, increasing the risk of unintended credential exposure or over-trust in the skill.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The description says to use this skill whenever the user needs to generate, edit, or extend videos, or mentions Seedance or video generation API, which is broad enough to trigger on generic video-related requests. Over-broad routing can cause unnecessary invocation of a third-party integration and accidental transmission of user prompts or asset URLs to an external service when a local or non-external response would have sufficed.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill description and usage guidance do not clearly warn that user prompts, public asset URLs, and possibly referenced media are sent to the external Volcengine API. In a multimedia generation skill, this is especially sensitive because prompts may contain confidential project details and media URLs may point to proprietary or personal content, creating a meaningful privacy and data-handling risk.

Env Variable Harvesting

High
Category
Data Exfiltration
Content
args = parse_args()
    validate_args(args)

    api_key = os.environ.get("ARK_API_KEY")
    if not api_key:
        print("Error: ARK_API_KEY is not set, please configure it in the .env file or as an environment variable:", file=sys.stderr)
        print("  ARK_API_KEY=your_api_key", file=sys.stderr)
Confidence
70% confidence
Finding
os.environ.get("ARK_API_KEY

Credential Access

High
Category
Privilege Escalation
Content
script_dir = os.path.dirname(os.path.abspath(__file__))
    candidates = [
        os.path.join(script_dir, ".env"),
        os.path.join(script_dir, "..", ".env"),
    ]
    for path in candidates:
        path = os.path.normpath(path)
Confidence
60% confidence
Finding
.env"

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.