Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Byted Seedream Image Generate
v1.0.0Generate high-quality images from text prompts using Volcano Engine Seedream models. Supports multiple artistic styles and aspect ratios. Use this skill when...
⭐ 0· 66·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's name and description (Volcano Engine / Seedream image generation) match the included Python client which calls a Volcano Engine API. However the registry metadata claims 'Required env vars: none' while both SKILL.md and the script actually require an API key (ARK_API_KEY or MODEL_IMAGE_API_KEY or MODEL_AGENT_API_KEY) and optionally an API base URL. That metadata mismatch is an incoherence the user should be aware of.
Instruction Scope
The runtime instructions are narrowly scoped to building and sending image-generation requests, which is appropriate. However the script prints full request headers and bodies to stdout, and the printed headers include the Authorization: Bearer <API_KEY> value — this will expose the API key in logs, chat transcripts, or other outputs. The SKILL.md does not warn about these debug prints or recommend redaction.
Install Mechanism
No install spec (instruction-only + a Python script). That minimizes install-time risk — nothing is downloaded or written during installation by the registry metadata. The presence of a single script is reasonable for a client wrapper.
Credentials
The script legitimately needs a single API key and an optional base URL for the Seedream/Volcano Engine API, which is proportionate. But the package metadata failing to declare required environment variables is misleading. More importantly, the script's debug output will expose that secret to any place that captures stdout/stderr, increasing risk of accidental credential leakage.
Persistence & Privilege
The skill does not request elevated or persistent privileges (always:false, no config paths, no modifications to other skills). It runs as a normal client script and does not persist or modify agent configuration.
What to consider before installing
This skill appears to implement a legitimate client for Volcano Engine Seedream models, but take these precautions before installing or running it:
- Treat it as suspicious until the toolbar/registry metadata is corrected to declare the required API key env vars (ARK_API_KEY / MODEL_IMAGE_API_KEY / MODEL_AGENT_API_KEY).
- Do not run the script in environments where stdout/stderr are widely logged or shared (CI logs, public shells, chat transcripts). The script prints the full Authorization header (Bearer <API_KEY>) and request bodies to stdout, which will leak your API key and potentially prompt content.
- Prefer an updated script that removes or redacts debug prints (remove printing of headers or mask the Authorization header), or run it after editing to sanitize logging.
- Verify the API_BASE host (default is ark.cn-beijing.volces.com) is the correct official endpoint you expect to use, and use a dedicated API key with least privilege and billing controls.
- If you need stronger assurance, ask the publisher for an updated SKILL.md and code that (a) documents required env vars in registry metadata, (b) stops printing secrets, and (c) documents exactly how web-search/tools integration is implemented (the README mentions web tools for 5.0 but the client shows only passing 'tools' field; confirm no unexpected network calls).
If you cannot safely vet or modify the script yourself, consider not installing it or running it only with a throwaway API key.Like a lobster shell, security has layers — review code before you run it.
latestvk979bxnh6c0n3nbqg91m6ra1wx83w57w
License
MIT-0
Free to use, modify, and redistribute. No attribution required.