Volcengine Doubao Image Gen

Pass
Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: volcengine-doubao-image-gen
Version: 1.1.0

The skill bundle provides legitimate functionality for generating images and videos using the Volcengine (Doubao/Seedance) API. The Python scripts (generate_image.py and generate_video.py) include proactive security measures, such as path traversal checks (ensure_safe_output_path), filename sanitization, and validation of download URLs and content types. The requested network permissions in package.json are limited to the official API endpoint (ark.cn-beijing.volces.com), and no evidence of data exfiltration or malicious prompt injection was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Unrelated secrets in the workspace .env could be pulled into the process environment, increasing exposure if later code or libraries use them unexpectedly.

Why it was flagged

The video helper reads every key/value from a fixed workspace .env file before running. Only ARK_API_KEY is needed for the stated purpose, so loading all local environment secrets/config is overbroad and under-scoped.

Skill content

    key, value = line.split("=", 1)
    os.environ.setdefault(key.strip(), value.strip())
    ...
    load_env_file("/root/.openclaw/workspace/.env")

Recommendation

Load only the documented ARK_API_KEY from a clearly disclosed path, or require the user to set it explicitly; do not import unrelated .env variables.

What this means

A mistaken or agent-chosen filename could replace local files with generated media.

Why it was flagged

The output path check accepts absolute paths, and the download opens the destination in overwrite mode ("wb"). As a result, a supplied filename can overwrite any file the process can write, rather than being confined to a safe output directory.

Skill content

    if os.path.isabs(normalized):
        return normalized
    ...
    with open(safe_path, "wb") as f:
        f.write(response.read())

Recommendation

Restrict outputs to a workspace/output directory, reject absolute paths by default, and require explicit confirmation before overwriting existing files.

What this means

Video generation may fail until the SDK is installed, and users may need to choose a trusted package source themselves.

Why it was flagged

Video generation depends on an external Python SDK, but the provided artifacts include no install spec or pinned dependency declaration for that SDK.

Skill content

    from volcenginesdkarkruntime import Ark

Recommendation

Declare and pin the required Python package, or document a trusted installation method.