Trust Assessment
volcengine-video-generate received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Suspicious import: urllib.request", "Arbitrary Local File Read and Exfiltration", and "Arbitrary File Write via User-Controlled Filename".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Arbitrary Local File Read and Exfiltration.** The skill allows users to provide a local file path for `first_frame_image`. The `get_image_content` function reads the content of this file, base64 encodes it, and then sends it as part of the API request to the Volcengine service. An attacker could specify a path to a sensitive file (e.g., `/etc/passwd`, `~/.ssh/id_rsa`, environment files) to read its content and potentially exfiltrate it via the external API call. **Remediation:** Implement strict validation for `first_frame_image` paths. Only allow files within a designated, sandboxed directory, or disallow local file paths entirely if not strictly necessary. If local files are required, ensure they are within a secure, non-sensitive directory and consider size limits. | LLM | scripts/video_generate.py:30 |
| MEDIUM | **Suspicious import: urllib.request.** Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/warm-wm/volcengine-video-generate/scripts/video_generate.py:18 |
| MEDIUM | **Arbitrary File Write via User-Controlled Filename.** The `filename` argument, directly provided by the user, is used without sanitization in `urllib.request.urlretrieve` to save the generated video. An attacker could use path traversal sequences (e.g., `../../`) in the `filename` to write the video file to an arbitrary location on the filesystem, potentially overwriting existing files or writing to sensitive directories. **Remediation:** Sanitize the `filename` input to prevent path traversal. Ensure the filename is a simple filename or restrict it to a specific output directory. For example, use `os.path.basename(filename)` to extract only the file name, and then combine it with a secure, predefined output directory. | LLM | scripts/video_generate.py:100 |