image-generator
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill can generate images, but it embeds a Feishu app secret and automatically posts generated images to a fixed group chat.
Only use this skill if you control the Feishu app and the destination group. Before installing, rotate the exposed secret, move credentials to user-controlled configuration, confirm the chat ID, add a send-confirmation step, and expect local CPU usage plus external model downloads.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using or viewing the skill may be able to act through that Feishu app, upload images, and send messages to the configured workspace or chat, depending on the app's permissions.
The skill embeds a Feishu app secret and uses it to obtain a tenant access token, while the supplied metadata declares no primary credential or required environment variable.
app_id = "cli_a92eadd694799bd3"; app_secret = "OPJrEdYF8ZP..."; token = r.json()["tenant_access_token"]
Rotate the exposed Feishu secret, remove it from SKILL.md, require a user-supplied secret or OAuth flow, declare the credential and scopes in metadata, and use least-privilege app permissions.
A user may unintentionally post generated images into a Feishu group whenever they ask for an image, creating unwanted messages or sharing content with the wrong audience.
A normal image-generation request leads directly to a subagent task that sends the result to a fixed group chat, without an explicit approval or review step before posting.
用户请求生成图片 ... sessions_spawn(... runtime="subagent", task=f"""... 4. 保存到 /tmp/xxx.png 5. 发到群聊 oc_9c60944330ed6a8873289d605eb668fe""")
Require explicit confirmation before sending, make the recipient configurable by the user, and default to saving locally unless the user asks to publish.
Generated images may be retained by Feishu and visible to unknown group members, which can expose user-provided creative prompts or sensitive generated content.
The generated image is uploaded to Feishu and sent to a hardcoded group chat, but the artifacts do not identify who controls the group or who can see the resulting content.
chat_id = "oc_9c60944330ed6a8873289d605eb668fe"; requests.post("https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=chat_id"Clearly disclose the destination group, require the user to configure or approve the chat ID, and avoid external sharing by default.
Image generation may keep consuming CPU, memory, and network access after the main chat is no longer focused on that task.
The use of a background subagent is disclosed and purpose-aligned for long-running image generation, but it can continue work while the main conversation proceeds.
**重要:使用 subagent,不阻塞主对话** ... sessions_spawn(... mode="run", runtime="subagent")
Add clear cancellation, timeout, and status-reporting guidance for the subagent workflow.
First use may download large external model files, and future repository changes could affect behavior or reproducibility.
The workflow downloads model artifacts from external repositories without pinned revisions; this is expected for Stable Diffusion use, but it is not tightly versioned in the artifacts.
StableDiffusionPipeline.from_pretrained("runwayml/stable-diffusion-v1-5") ... StableDiffusionXLPipeline.from_pretrained("stabilityai/stable-diffusion-xl-base-1.0")Pin model revisions, document expected downloads, and verify or cache model artifacts in a controlled environment.