v1.0.1

seedance2-skill

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:55 AM.

Analysis

The skill is aligned with Seedance video generation, but it deserves review because it can autonomously send user media to Volcengine and use an undeclared Ark API key to create generation tasks.

Guidance: Review this skill before installing. It appears designed for legitimate Seedance video creation, but you should ensure it asks before using your Ark API key, uploading media, or starting paid generation jobs. Use a limited API key if possible and avoid submitting sensitive personal or business media unless you are comfortable sending it to Volcengine.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
you autonomously decide how to turn it into a creative... Seedance video prompt — calling the API to generate when appropriate

The skill explicitly lets the agent decide when to invoke the generation API rather than requiring a clear user approval checkpoint before creating tasks.

User impact: The agent could upload provided media and start a potentially paid video-generation task before the user has reviewed the final prompt, model, duration, or cost implications.
Recommendation: Require explicit user confirmation before every API generation call, including the exact prompt, assets, model, duration, output location, and any expected cost.

Unexpected Code Execution
Severity: Low | Confidence: Medium | Status: Note
scripts/seedance.py
if sys.platform == "darwin":
    os.system(f'open "{filepath}"')

After downloading a generated video, the script invokes a shell command to open the file on macOS.

User impact: The downloaded file may open automatically on macOS, and shell-based path handling is more fragile than using a safer subprocess call.
Recommendation: Avoid automatic opening by default, or replace os.system with a non-shell subprocess invocation and clearly document the behavior.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
scripts/seedance.py
key = os.environ.get("ARK_API_KEY") ... "Error: ARK_API_KEY environment variable is not set."

The API client requires a Volcengine Ark bearer token, while the registry metadata says there are no required env vars and no primary credential.

User impact: A user may install the skill without realizing it needs a provider API key that can consume account quota or access generation tasks.
Recommendation: Declare ARK_API_KEY as the primary credential in metadata, document the exact scope needed, and advise users to use a limited key where possible.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
scripts/seedance.py
BASE_URL = "https://ark.cn-beijing.volces.com/api/v3/contents/generations/tasks" ... "image_url": {"url": resolve_image(args.image)} ... "video_url": {"url": resolve_media(v, "video")}

The script converts local or URL media inputs into API payloads and sends them to the Volcengine Ark generation endpoint.

User impact: Private images, videos, or audio supplied for generation may be transmitted to an external provider as part of the normal workflow.
Recommendation: Only use media you are comfortable sending to Volcengine, and add a preflight disclosure/confirmation step listing every file or URL that will be uploaded.