ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Byted Tos Image Process

v1.0.0

Provides image processing capabilities for objects in Bytedance TOS using the official SDK. Supports getting image info, format conversion, resizing, and wat...

0· 83·0 current·0 all-time
by@volcengine-skills

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for volcengine-skills/byted-tos-image-process.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Byted Tos Image Process" (volcengine-skills/byted-tos-image-process) from ClawHub.
Skill page: https://clawhub.ai/volcengine-skills/byted-tos-image-process
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install byted-tos-image-process

ClawHub CLI

Package manager switcher

npx clawhub@latest install byted-tos-image-process
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill's name, README, SKILL.md, and scripts all describe TOS image operations and legitimately require TOS credentials and endpoint/region. However the registry metadata lists no required environment variables or primary credential—this mismatch is unexplained and inconsistent with the skill's stated purpose.
Instruction Scope
The runtime instructions and example scripts stay within the stated purpose: they initialize a TOS SDK client from environment variables, call get_object/get_object_to_file with process strings, save outputs locally or back to TOS, and perform error handling. They do read/write local files (for output) and check file sizes, which is expected for this functionality.
Install Mechanism
No install spec is provided (instruction-only at registry level), and requirements.txt only lists the Python 'tos' dependency. There are no download URLs or extracted archives in the install metadata. Having runnable scripts bundled without an install spec is not dangerous by itself but means consumers must run these Python scripts themselves (which will execute network calls via the SDK).
!
Credentials
The scripts and SKILL.md require TOS_ACCESS_KEY, TOS_SECRET_KEY, TOS_ENDPOINT, and TOS_REGION (and optionally TOS_SECURITY_TOKEN). Those credentials are proportionate to the skill's purpose, but the registry metadata omits them entirely and declares no primary credential—this omission is a red flag. The scripts will accept long-lived AK/SK or STS tokens; using short-lived, least-privilege credentials is recommended.
Persistence & Privilege
The skill does not request permanent 'always' inclusion, does not modify other skills, and does not alter global agent configuration. It requires no extra platform privileges beyond normal model invocation and user execution of included scripts.
What to consider before installing
This skill appears to implement exactly what it claims (TOS image processing), but the registry metadata omits the sensitive environment variables the scripts actually require. Before installing or running it: - Do not supply long-lived, high-privilege credentials. Prefer short-lived STS tokens limited to the specific buckets/keys needed. - Verify and reconcile metadata: the registry should declare required env vars (TOS_ACCESS_KEY, TOS_SECRET_KEY, TOS_ENDPOINT, TOS_REGION, optional TOS_SECURITY_TOKEN). Ask the publisher to correct the metadata if you rely on that for automation. - Inspect the bundled scripts yourself (they are included) and confirm they only call the official TOS SDK — no hidden endpoints were found in the provided files. - If you will run the scripts, run them in a sandbox or isolated environment and test with a dedicated test bucket that has minimal permissions (read/write only where needed). Revoke credentials after testing. - Review the Python dependency 'tos' from PyPI (or your package source) to ensure it is the legitimate SDK the scripts expect. - If you do not trust the publisher, do not enable autonomous invocation for this skill in agents that hold sensitive credentials. If the publisher updates the registry metadata to list the required environment variables and primary credential, and you follow the least-privilege guidance above, the incoherence will be resolved and the skill will be more straightforward to trust.

Like a lobster shell, security has layers — review code before you run it.

latestvk975jsamjvgdbeg5ejgkz9xp9d83x3h6
83downloads
0stars
1versions
Updated 4w ago
v1.0.0
MIT-0
@volcengine-skills
latest
Download

Bytedance TOS Image Process Skill

This skill provides essential image processing functions for files stored in Bytedance's TOS (TeraObjectStore). It allows you to retrieve image metadata, convert formats, resize, and apply watermarks directly using the Volcengine TOS SDK.

Quick Start

1. Client Initialization

The following Python snippet demonstrates how to initialize the TosClientV2 from environment variables.

import os
import tos
from tos.exceptions import TosClientError, TosServerError

def create_client() -> tos.TosClientV2:
    """Initializes a TosClientV2 using AK/SK (and optional STS token) from environment variables."""
    try:
        ak = os.getenv('TOS_ACCESS_KEY')
        sk = os.getenv('TOS_SECRET_KEY')
        endpoint = os.getenv('TOS_ENDPOINT')
        region = os.getenv('TOS_REGION')
        security_token = os.getenv('TOS_SECURITY_TOKEN') # Optional, for STS

        if not all([ak, sk, endpoint, region]):
            raise ValueError("Required environment variables are missing (AK, SK, Endpoint, Region).")

        return tos.TosClientV2(
            ak=ak,
            sk=sk,
            endpoint=endpoint,
            region=region,
            security_token=security_token,
        )
    except (ValueError, ImportError) as e:
        print(f"Error initializing client: {e}")
        return None

# Create the client
client = create_client()

2. Basic Workflow

# (Assumes 'client' is initialized and 'bucket_name', 'object_key' are set)

# 1. Get Image Info
try:
    response = client.get_object(bucket_name, object_key, process="image/info")
    info_data = response.read()
    print("Image Info:", info_data.decode('utf-8'))
except TosServerError as e:
    print(f"Error getting image info: {e}")

# 2. Resize an Image and save locally
try:
    client.get_object_to_file(
        bucket_name,
        object_key,
        "resized_image.jpg",
        process="image/resize,w_500,m_lfit" # Resize to 500px width, lfit mode
    )
    print("Resized image saved to resized_image.jpg")
except TosServerError as e:
    print(f"Error resizing image: {e}")

# 3. Convert Image to WebP and save back to TOS
try:
    response = client.get_object(
        bucket_name,
        object_key,
        process="image/format,f_webp,q_80", # Convert to WebP, quality 80
        save_bucket="my-output-bucket",
        save_object="processed/image.webp"
    )
    save_result = response.read()
    print("Converted image saved to TOS:", save_result.decode('utf-8'))
except TosServerError as e:
    print(f"Error saving converted image to TOS: {e}")

Core Operations

All image processing is achieved by passing a process string to the get_object or get_object_to_file SDK methods.

1. Get Image Info (ImageInfo)

Retrieves metadata of an image file, such as format, dimensions, and EXIF data.

SDK Method: client.get_object(..., process="image/info")

response = client.get_object(bucket_name, object_key, process="image/info")
image_metadata = response.read().decode('utf-8')
print(image_metadata)

2. Convert Image Format (ImageFormat)

Converts an image to a different format (e.g., JPEG, PNG, WebP) and adjusts quality.

SDK Method: client.get_object_to_file(..., process="image/format,f_webp,q_80")

# Convert to PNG format
client.get_object_to_file(
    bucket_name,
    object_key,
    "output.png",
    process="image/format,f_png"
)

3. Resize Image (ImageResize)

Resizes an image based on specified width, height, and resizing mode.

SDK Method: client.get_object_to_file(..., process="image/resize,w_800,h_600,m_fill")

# Resize to a maximum width of 1024px, maintaining aspect ratio
client.get_object_to_file(
    bucket_name,
    object_key,
    "resized_1024.jpg",
    process="image/resize,w_1024"
)

4. Apply Watermark (ImageWatermark & ImageBlindWatermark)

Adds a visible or blind watermark to an image. Parameters are complex and should be constructed according to the official TOS documentation.

SDK Method: client.get_object_to_file(..., process="image/watermark,...")

# Example for a text watermark (parameters must be Base64-encoded)
# This is a conceptual example. Refer to official docs for exact keys.
import base64
text_b64 = base64.b64encode("My Watermark".encode()).decode()
process_rule = f"image/watermark,type_1,text_{text_b64},size_40,p_9"

client.get_object_to_file(
    bucket_name,
    object_key,
    "watermarked.jpg",
    process=process_rule
)

5. Generic Image Processing (ImageProcess)

A flexible entry point that accepts any valid image processing string.

SDK Method: client.get_object(..., process="<full-process-string>")

# Example: Apply a Gaussian blur (hypothetical parameters)
client.get_object_to_file(
    bucket_name,
    object_key,
    "blurred.jpg",
    process="image/blur,r_5,s_2"
)

Authorization

Authentication is handled by tos.TosClientV2. Provide credentials via environment variables.

Required Environment Variables

  • TOS_ACCESS_KEY
  • TOS_SECRET_KEY
  • TOS_ENDPOINT
  • TOS_REGION

Optional for STS

  • TOS_SECURITY_TOKEN

Best Practices

  • Error Handling: Wrap SDK calls in try...except blocks to handle TosClientError and TosServerError.
  • Parameter Construction: For complex operations like watermarking, carefully construct the process string according to the official TOS documentation. Base64-encode parameter values where required.
  • Client Reuse: Initialize the TosClientV2 once and reuse it for multiple operations.

Additional Resources

  • For detailed parameters of each operation, see REFERENCE.md.
  • For common end-to-end examples, see WORKFLOWS.md.
  • For executable Python examples, see the scripts/ directory.
  • For the definitive list of all processing parameters, always consult the official Volcengine TOS Image Processing documentation.

Comments

Loading comments...