Volcengine Doubao Image Gen

Security checks across malware telemetry and agentic risk

Overview

The skill appears to generate Doubao images and videos as advertised, but it needs review because its video script reads a shared .env secrets file and writes output to user-supplied paths.

Install only if you intend to use Volcengine/Doubao for generated media. Use a dedicated ARK_API_KEY, avoid placing unrelated secrets in /root/.openclaw/workspace/.env, and choose simple relative output filenames in a dedicated folder to reduce overwrite risk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill documentation indicates capabilities requiring environment access, file reads/writes, and network access, yet no explicit permissions are declared. This creates a transparency and policy-enforcement gap: a host may expose broader capabilities than users or reviewers expect, and the skill handles sensitive material such as API keys and downloaded remote content. In this context, undeclared network and filesystem use is materially relevant because the skill fetches remote URLs and writes outputs locally.

Scope Creep

Medium
Confidence
93% confidence
Finding
The manifest declares outbound network access only for the image-generation API purpose, while the package scripts and description indicate the skill also supports video generation. This creates a permission-to-behavior mismatch that can mislead reviewers and users about the full network use of the skill, reducing transparency and weakening security review controls.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger list includes broad phrases such as '生成图片' and '生成视频', which can overlap with ordinary user requests and cause accidental invocation. Over-broad triggering is a security concern because it may cause the agent to route unrelated prompts into a networked skill that consumes credentials, makes external API calls, and writes files without the user explicitly intending to use this provider-specific integration.

VirusTotal

65/65 vendors flagged this skill as clean.
