Byted Byteplus Vod Precision Erasure

ReviewAudited by ClawScan on May 14, 2026.

Overview

The skill appears purpose-aligned for BytePlus VOD upload and OCR erasure, but it needs cloud credentials and can create media assets/jobs in the configured VOD space.

Before installing, make sure you are comfortable giving the skill a scoped BytePlus VOD key. Only provide media files, URLs, and Vids you intend to upload or process, and treat returned playback URLs as shareable access links.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Medium

#ASI02: Tool Misuse and Exploitation

What this means

If the agent is given the wrong file, URL, Vid, or space name, it could upload media or start an erasure job in the user's BytePlus account, potentially creating new assets or costs.

Why it was flagged

This shows the skill can perform external upload and processing-job creation in BytePlus VOD. That is expected for the stated purpose, but it is a meaningful cloud-side action.

Skill content

Upload pipeline (local file): ApplyUploadInfo → TOS upload address + SessionKey ... CommitUploadInfo → Vid ... Precision erasure pipeline: Submit Erase task (StartExecution / Task.Type Erase) → RunId

Recommendation

Use it only with media you intend to upload/process, verify the VOD space and input before running, and review generated Vids/playback URLs before sharing them.

Medium

#ASI03: Identity and Privilege Abuse

What this means

The skill can act with whatever permissions the provided BytePlus/Volcengine key has for the configured account and VOD space.

Why it was flagged

The scripts authenticate to BytePlus/Volcengine APIs using access-key and secret-key environment variables. This is expected for VOD operations, but those credentials authorize account actions.

Skill content

ak = (os.environ.get("BYTEPLUS_ACCESSKEY") ... or (os.environ.get("VOLCENGINE_ACCESS_KEY") ...); sk = (os.environ.get("BYTEPLUS_SECRETKEY") ... or (os.environ.get("VOLCENGINE_SECRET_KEY") ...)

Recommendation

Use a least-privilege key limited to the intended VOD space/actions, keep secrets out of shared logs and repositories, and avoid overriding provider endpoints unless you trust the destination.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

A future dependency resolution could behave differently or inherit a dependency-side vulnerability, although no suspicious dependency behavior is shown here.

Why it was flagged

The dependency versions are lower-bounded rather than pinned, so future installs may resolve to newer package versions than those originally tested.

Skill content

dependencies = [
    "requests>=2.31.0",
    "python-dotenv>=1.0.0",
]

Recommendation

Prefer a lockfile or pinned versions in controlled environments, especially when using the skill with production cloud credentials.