Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Doubao Image Video Skill V2

v0.1.1

Doubao (Volcengine ARK) API shell script implementation: text-to-image, image editing, and text-to-video. API documentation: https://www.volcengine.com/docs/82379/1520757?lang=zh#y2hhTyHB

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, README, SKILL.md, and scripts all implement text-to-image, image-editing and text-to-video functionality and require only an ARK_API_KEY and standard tools (curl, jq). This is proportionate to the described capability. However the API base URL in the scripts (https://ark.cn-beijing.volces.com/...) does not exactly match the Volcengine docs linked in the README (volcengine.com) — the hostname 'volces.com' is unexpected and should be verified.
Instruction Scope
Runtime instructions and scripts stay within the task scope: they read ARK_API_KEY, call remote API endpoints, download returned media into a local data/ directory, and poll task status. They do not read system files or other credentials. Two caveats: (1) the scripts directly interpolate user-supplied prompts into JSON here-docs without escaping, which may break or alter requests if prompts contain quotes/newlines and could lead to malformed/undesired API payloads; (2) the skill will download arbitrary URLs returned by the remote service into data/, so a malicious or compromised endpoint could deliver unexpected content—verify the endpoint before trusting downloads.
Install Mechanism
There is no packaged install/download step — this is essentially instruction + shell scripts. Dependencies are only curl and jq (documented). No remote archive downloads or installers are executed by the skill itself.
Credentials
The only required secret is ARK_API_KEY, which is appropriate for a client of Volcengine/ARK services and is declared in the skill manifest. The documentation suggests adding it to ~/.bashrc (persistent plaintext) — convenient but increases risk if the machine is multi-user or compromised. No other unrelated credentials or config paths are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide configs, and only writes generated media into a local data/ directory under the skill workspace. It runs only when invoked.
What to consider before installing
This skill mostly does what it says, but verify two things before installing:
(1) Confirm the API hostname used in scripts (ark.cn-beijing.volces.com) is the legitimate Volcengine/ARK endpoint for your region. The README links to volcengine.com but the script uses volces.com, which could be a typo or malicious. If unsure, replace the endpoint with the official Volcengine API URL.
(2) Be aware prompts are inserted directly into JSON without escaping. Avoid passing untrusted input or inputs with quotes/newlines; this is more of a reliability/security hygiene issue.
Additional precautions: do not store your ARK_API_KEY in world-readable files; if you must persist it, prefer a restricted credential store or environment scoped to the user; run the skill in an isolated account or VM until you confirm network targets and behavior; inspect network traffic (or run the script with a proxy) to confirm requests go to the expected host. If you want higher assurance, ask the maintainer for clarification of the API domain or a signed/reputable release.

Like a lobster shell, security has layers — review code before you run it.
