Seedance Video Generation BytePlus

Security checks across malware telemetry and agentic risk

Overview

The skill is a legitimate BytePlus video generator, but it should be reviewed because it can upload local files to external services and automatically opens downloaded media on macOS through an unsafe shell command.

Install only if you intend to send prompts and selected images to BytePlus, and optionally generated videos to Feishu. Do not provide confidential local paths or sensitive media unless you have approved that external sharing, and consider removing or disabling the macOS auto-open behavior before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

os.system() or os exec-family call

High
Category
Dangerous Code Execution
Content
    # Open on macOS
    if sys.platform == "darwin":
        os.system(f'open "{filepath}"')
except Exception as e:
    print(f"Download failed: {e}", file=sys.stderr)
Confidence
92% confidence
Finding
os.system(f'open "{filepath}"')

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The skill automatically opens downloaded video files locally after retrieval, which exceeds the core need of generating and managing remote video tasks. This behavior increases attack surface by triggering local handling of untrusted remote content and may surprise users in automation contexts.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The README clearly instructs users to send prompts, images, and generated video requests to a third-party BytePlus API, but it does not explicitly warn that user-supplied content and metadata leave the local environment. In an agent skill context, this omission can mislead users into sharing sensitive images or prompts without informed consent, creating a real privacy and data-handling risk even if the transmission is the tool's intended purpose.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill description does not warn that prompts, task metadata, and potentially local images are transmitted to BytePlus. This can mislead users into sharing sensitive content they might not otherwise send to an external vendor, especially since local files are base64-encoded and uploaded. The risk is amplified because the skill is framed as a convenient file-generation workflow rather than a data-export action.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document explicitly instructs the workflow to upload a locally generated video file to Feishu CDN and send it to chat, but it does not warn users that local data is being transferred to a third-party service and may be stored or retained externally. In an agent/tooling context, lack of disclosure around outbound transfer and persistence can lead to accidental sharing of sensitive local content, especially if users assume the operation is only local or ephemeral.

VirusTotal

64/64 vendors flagged this skill as clean.