Volcengine Doubao Image Gen

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly does what it advertises, but the video helper reads a whole workspace .env file and the helpers can overwrite arbitrary absolute output paths.

Install only if you are comfortable giving the skill a Volcengine ARK_API_KEY and sending prompts/reference image URLs to Volcengine. Before use, avoid storing unrelated secrets in /root/.openclaw/workspace/.env, and choose simple relative output filenames in a safe workspace folder.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Unrelated secrets in the workspace .env could be pulled into the process environment, increasing exposure if later code or libraries use them unexpectedly.

Why it was flagged

The video helper reads every key/value pair from a fixed workspace .env file before running. Only ARK_API_KEY is needed for the stated purpose, so loading every local secret and configuration value is far broader than that purpose requires.

Skill content

key, value = line.split("=", 1)
os.environ.setdefault(key.strip(), value.strip())
...
load_env_file("/root/.openclaw/workspace/.env")

Recommendation

Load only the documented ARK_API_KEY from a clearly disclosed path, or require the user to set it explicitly; do not import unrelated .env variables.

What this means

A mistaken or agent-chosen filename could replace local files with generated media.

Why it was flagged

The output path check returns absolute paths unchanged, and the download opens the target in overwrite mode ("wb"). As a result, a supplied filename can replace any file the process can write, rather than being confined to a safe output directory.

Skill content

if os.path.isabs(normalized):
    return normalized
...
with open(safe_path, "wb") as f:
    f.write(response.read())

Recommendation

Restrict outputs to a workspace/output directory, reject absolute paths by default, and require explicit confirmation before overwriting existing files.
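The flagged check beside a confined alternative, as an added example that is not the skill's own code: the output root, the scratch directory and the inputs exercised by demo() are assumed or constructed for this illustration.

```python
import os
import tempfile

# Assumed output root for this example; the skill's real directory layout is not shown on the page.
DEFAULT_OUTPUT_DIR = "/root/.openclaw/workspace/output"

def permissive_output_path(filename: str, output_dir: str = DEFAULT_OUTPUT_DIR) -> str:
    """Mirrors the flagged check: an absolute path is handed back unchanged."""
    normalized = os.path.normpath(filename)
    if os.path.isabs(normalized):
        return normalized
    return os.path.join(output_dir, normalized)

def confined_output_path(filename: str, output_dir: str = DEFAULT_OUTPUT_DIR) -> str:
    """Resolve filename strictly inside output_dir; raise ValueError otherwise."""
    if os.path.isabs(filename):
        raise ValueError("absolute output paths are rejected")
    root = os.path.realpath(output_dir)
    candidate = os.path.realpath(os.path.join(root, filename))
    # realpath folds ".." and symlinks, so anything that escapes root is caught here
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("output path escapes the output directory")
    return candidate

def write_generated_media(filename: str, data: bytes, output_dir: str = DEFAULT_OUTPUT_DIR) -> str:
    path = confined_output_path(filename, output_dir)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    # "xb" creates the file exclusively: an existing file raises FileExistsError instead of being replaced
    with open(path, "xb") as f:
        f.write(data)
    return path

def demo() -> dict:
    # Constructed inputs run against a scratch directory, so nothing outside it is touched.
    results = {"permissive_absolute": permissive_output_path("/etc/hosts")}
    with tempfile.TemporaryDirectory() as scratch:
        out = os.path.join(scratch, "output")
        results["written"] = os.path.basename(write_generated_media("cat.png", b"\x89PNG", out))
        for label, name in (("absolute", "/etc/hosts"), ("traversal", "../../etc/passwd")):
            try:
                confined_output_path(name, out)
                results[label] = "accepted"
            except ValueError:
                results[label] = "rejected"
        try:
            write_generated_media("cat.png", b"again", out)
            results["overwrite"] = "replaced"
        except FileExistsError:
            results["overwrite"] = "refused"
    return results
```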

What this means

Video generation may fail until the SDK is installed, and users may need to choose a trusted package source themselves.

Why it was flagged

Video generation depends on an external Python SDK, but the provided artifacts include no install spec or pinned dependency declaration for that SDK.

Skill content

from volcenginesdkarkruntime import Ark

Recommendation

Declare and pin the required Python package, or document a trusted installation method.