v1.0.0

Byted Podcast Gen

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:29 AM.

Analysis

The podcast generator is purpose-aligned, but its code can use undeclared Ark credentials to list or create speech API keys and save them locally.

Guidance

Review carefully before installing. The podcast-generation behavior is plausible, but you should only use it if you understand and accept the credential behavior: it may use ARK_SKILL_API_KEY/ARK_SKILL_API_BASE, create a speech API key, and store MODEL_SPEECH_API_KEY in scripts/.env. Prefer a version that declares these credentials clearly and asks before creating or saving keys.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
Severity: Medium, Confidence: High, Status: Concern
scripts/api_key.py
set_key(dotenv_path, key, value, quote_mode="never")
...
os.chmod(dotenv_path, 0o600)
...
_persist_env_to_dotenv_if_available(_dotenv_path(), "MODEL_SPEECH_API_KEY", created_key)

The helper can save a retrieved or newly created API key into a persistent .env file inside the skill directory.

User impact: A speech API key may remain stored after the podcast task finishes, which can affect future runs and leaves a credential that the user may not know to rotate or delete.
Recommendation: Avoid automatic credential persistence, or ask the user before saving keys and provide clear instructions for where the key is stored, how to delete it, and how to revoke it.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High, Confidence: High, Status: Concern
scripts/api_key.py
ark_key = os.getenv("ARK_SKILL_API_KEY", "").strip()
base = os.getenv("ARK_SKILL_API_BASE", "").strip()
...
"Authorization": f"Bearer {ark_key}"
...
_build_action_url(base, "ListAPIKeys")
...
_build_action_url(base, "CreateAPIKey")

The skill reads undeclared Ark credentials and uses them to list or create API keys for the speech service. That is account-level credential authority beyond simply requiring a user-provided speech API key.

User impact: If those Ark environment variables are present, installing or running the skill may cause the agent to use delegated account credentials and create a new speech API key without a clear separate approval step.
Recommendation: Declare all credential requirements, require explicit user approval before listing or creating API keys, restrict the API base to an expected trusted host, and document the exact account permissions needed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low, Confidence: High, Status: Note
scripts/podcast.py
ENDPOINT = "wss://openspeech.bytedance.com/api/v3/sami/podcasttts"
...
"input_text": args.text,
...
"prompt_text": args.prompt_text,
...
"input_url": args.input_url

The skill sends user-provided topics, long text, or URLs to the external Bytedance/Volcengine podcast TTS service, which is expected for this skill but still a sensitive data flow.

User impact: Private text, uploaded-file contents, or URLs used to generate a podcast may be transmitted to the external speech provider.
Recommendation: Use the skill only with content you are comfortable sending to the provider. The skill publisher should document provider data handling and retention expectations.