Huo15 Comic Storyboard
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or untrusted script.json could make the skill create or overwrite .png files outside the intended output folder.
The scene id comes from script.json and is used directly as part of the output file path. Absolute paths or path traversal sequences in the scene id could cause generated images to be written outside the requested storyboard directory.
    sid = scene["id"]
    out = out_dir / f"{sid}.png"
    ...
    download(url, out)

Sanitize scene ids to safe filenames, reject absolute paths and path separators, and verify the resolved output path remains inside out_dir before writing.
If the character manifest is wrong or malicious, the skill could upload unintended local files as reference images to the external provider.
Reference image paths are taken from the character manifest and sent to the provider workflow without checking that they are under --char-dir. ArkClient converts local reference paths into data URIs for the remote image-generation request.
    for img in info.get("images", []):
        if "_full." in img:
            refs.append(img)
    ...
    client.generate_image(
        prompt=prompt,
        reference_images=refs,
        size="768x1344",
    )

Only use trusted character manifests, and update the skill to resolve reference paths and require them to stay under the selected character directory, with image-type validation.
Users must provide a provider API key, and the key may authorize paid generation requests.
The code requires an ARK_API_KEY provider credential. That is expected for Seedream generation, but the registry metadata lists no required environment variables and no primary credential.
    self.api_key = api_key or os.environ.get("ARK_API_KEY", "")
    if not self.api_key:
        raise RuntimeError("缺少 ARK_API_KEY 环境变量")

Document ARK_API_KEY in the metadata and use a limited-scope or budget-limited key where possible.
