Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Doubao Image Gen 豆包图片生成

v1.0.0

Doubao AI image generation skill, intended for visual designers

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The skill claims only to help generate images via the Doubao web UI, which legitimately involves interacting with a browser and saving files. However, the instructions require writing to specific host paths (e.g., /home/success/.openclaw/media/browser/xxx.jpg and /mnt/d/OpenClaw/downloads/images/, i.e. D:\OpenClaw\downloads\images\ on Windows). These hard-coded, platform-mixed paths are not justified by the description and suggest that the skill expects broad filesystem access or was written for one particular host environment.
Instruction Scope (flagged)
SKILL.md directs the agent to perform UI actions, take screenshots, and then copy the downloaded files to explicit absolute paths. It also enforces use of a 'message tool' and warns against virtual paths. These instructions require the agent to read and write host filesystem locations and to perform automated browser operations beyond simply calling an image API: this is broader than a minimal 'generate-and-return image' workflow and grants access to local storage without declaring it.
Install Mechanism
Instruction-only skill with no install spec or downloaded code. This minimizes installation risk because nothing is written to disk by an installer; the security surface is the SKILL.md instructions themselves.
Credentials (flagged)
No environment variables or credentials are requested (which is appropriate), but the instructions nonetheless reference and require access to specific filesystem locations and a Windows D: drive mount. The skill does not declare or justify the need for these host paths, which is disproportionate to the stated purpose and may lead to unexpected file access or overwriting.
Persistence & Privilege
The skill is not always-enabled and uses default autonomous invocation; it does not request persistent installation or modification of other skills. There is no install step that would persist code. However, its instructions assume filesystem writes, which do persist on the host.
Scan Findings in Context
[NO_CODE_FILES] expected: The scanner found no code files to analyze; this is an instruction-only skill. The primary security surface is the SKILL.md content (which does reference host paths).
What to consider before installing
This skill will ask the agent to interact with a browser, take screenshots, and copy files to absolute host paths (including /home/success/... and a D: drive mount). That behavior is more invasive than a simple web-image-generation helper and may read/write locations you don't expect. Before installing or using it, consider:
- Ask the author to remove hard-coded paths and use configurable, relative, or user-approved locations instead.
- Confirm which account and filesystem the agent will run under (the SKILL.md assumes /home/success and a /mnt/d mount).
- If you install it, run the agent in a sandboxed environment or a VM so file writes cannot affect your main system.
- If you don't want images copied to your D: drive, do not grant the agent filesystem access, or edit the skill to use a safe path.
Given the explicit absolute paths and mixed-platform assumptions, treat this skill as suspicious until the instructions are clarified or the filesystem targets are changed to safe, configurable locations.



