Seedream5
by zealman2025 · GitHub ↗ · v1.0.0 · MIT-0
344 Downloads · 0 Stars · 1 Active Installs · 1 Versions
Install in OpenClaw
/install seedream5
Description
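Generate or edit images with Volcano Engine Doubao Seedream 5.0. Supports text-to-image, single-image/multi-image image-to-image, image sets, and web search.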
Usage Guidance
This skill appears to do what it says: it will send prompts and any provided input images to Volcano Engine's image generation API and save returned images locally. Before installing:
1) Only provide an API key you trust and are willing to use with a third‑party image service (consider a scoped/ephemeral key if available).
2) Do not upload sensitive images (IDs, private photos) because input images are transmitted to the remote API.
3) Verify the 'uv' brew package source on your platform if you care about install provenance.
4) If you use shared or persisted openclaw.json credentials, be aware they are stored locally in that config file and will be injected as VOLC_API_KEY.
5) Review the included script if you need stricter controls (e.g., preventing upload of local files or restricting web-search).
Capability Analysis
Type: OpenClaw Skill
Name: seedream5
Version: 1.0.0
The user wants me to analyze an OpenClaw AgentSkills skill bundle (ZIP content provided as text).
I need to classify it as `benign`, `suspicious`, or `malicious` based on specific criteria:
- Data exfiltration
- Malicious execution
- Persistence/backdoors
- Prompt injection against the agent
- Obfuscation
- Supply chain issues
I must distinguish between vulnerabilities (suspicious) and intentional malice (malicious).
`_meta.json`: Standard metadata (ownerId, slug, version, publishedAt). Looks benign.
`SKILL.md`:
- Name: `seedream5`
- Description: Image generation/editing using Volcano Engine Seedream 5.0.
- Metadata: Requires `uv` and `VOLC_API_KEY`.
- Instructions for the agent:
- Text-to-image: `uv run {baseDir}/scripts/generate_image.py --prompt "..." --filename "..." --resolution 2K`
- Image-to-image: `-i "/path/in.png"`
- Multi-image: multiple `-i` flags.
- API Key configuration instructions (env vars, config file).
- Optional parameters: aspect ratio, watermark, sequential, web search, URL input.
- Note: "不要读取图片内容回传,仅报告保存路径即可" (Do not read image content back, just report the save path). This is a safety instruction for the agent.
- Analysis: The instructions seem aligned with the stated purpose. No obvious prompt injection to steal data or run unauthorized commands.
`scripts/generate_image.py`:
- Shebang: `#!/usr/bin/env python3`
- Inline script metadata for `uv`: requires `requests` and `pillow`.
- Constants: `API_BASE` points to `ark.cn-beijing.volces.com` (Volcano Engine/ByteDance). `MODEL` is `doubao-seedream-5-0-260128`.
- `get_api_key`: Reads from arg or env vars (`VOLC_API_KEY`, `ARK_API_KEY`).
- `image_to_base64`: Uses `PIL` to load local images and convert them to base64 data URIs.
- `main`:
- Parses arguments: `--prompt`, `--filename`, `--input-image`, `--resolution`, `--aspect-ratio`, `--api-key`, `--no-watermark`, `--model`, `--sequential`, `--max-images`, `--web-search`.
- Handles input images: supports URLs or local paths. Local paths are converted to base64.
- Constructs a JSON body for the API request.
- Sends a POST request to `https://ark.cn-beijing.volces.com/api/v3/images/generations`.
- Handles the response: decodes `b64_json` and writes to the specified `output_path`.
- Prints `MEDIA:<path>` for OpenClaw integration.
- Analysis:
- The script does exactly what it says.
- It uses `requests` to talk to a legitimate endpoint (`volces.com`).
- It reads local files provided via `--input-image`, which is expected for an image editing tool.
- It writes to a local file provided via `--filename`.
- No evidence of exfiltrating environment variables (other than the API key to the intended API).
- No evidence of `eval`, `exec`, or `os.system`.
- No obfuscation.
`scripts/test_generate_image.py`:
- Simple unit tests for resolution detection and size choosing logic.
- Uses `importlib` to load the script.
- Analysis: Benign.
`README.md`:
- Installation instructions.
- Configuration instructions.
- Analysis: Benign.
- Data exfiltration: None. The API key is sent to the official Volcano Engine API.
- Malicious execution: None.
- Persistence: None.
- Prompt injection: None. The instruction "不要读取图片内容回传" ("do not read image content back") is actually a defensive instruction to prevent the agent from dumping binary data into the chat.
- Obfuscation: None.
- Supply chain: Uses `uv` and standard libraries (`requests`, `pillow`).
The skill bundle is a legitimate tool for interacting with the Volcano Engine image generation API.
Classification: benign.
Summary: The skill bundle provides a script to interface with the Volcano Engine Seedream 5.0 API for image generation and editing. It uses standard Python libraries (`requests`, `pillow`) and follows OpenClaw conventions. No malicious behavior, data exfiltration, or suspicious execution patterns were found. The code is well-structured and includes unit tests.
```json
{
  "classification": "benign",
  "summary": "The skill bundle provides a legitimate interface for the Volcano Engine Seedream 5.0 image generation API. The core script (scripts/generate_image.py) correctly handles image processing using Pillow and communicates with the official API endpoint (ark.cn-beijing.volces.com). No evidence of data exfiltration, malicious execution, or prompt injection was found; the instructions even include a safety note advising the agent not to dump raw image content into the chat."
}
```
Capability Assessment
Purpose & Capability
Name/description claim image generation using Volcano Engine Seedream 5.0; the package only requires a CLI 'uv' runtime and a Volcano API key, and the included script calls the documented Volcano API endpoint. Required items are proportional to the stated purpose.
Instruction Scope
SKILL.md instructs running the provided script via 'uv' with prompts, input-image paths or URLs, and an API key. The script uploads input images (base64 or URL) and writes generated images to disk—behaviour matches the skill purpose. It only reads API key env variables and local input images; nothing in the instructions asks for unrelated system data.
Install Mechanism
Install specifies a single brew formula 'uv' (a known tool for running Python scripts). No downloads from untrusted URLs or archive extraction are present. Script dependencies (requests, pillow) are declared in-file; this is reasonable for the functionality.
Credentials
Only VOLC_API_KEY (primary) or ARK_API_KEY is required, which is exactly the credential needed to call Volcano Engine APIs. No unrelated secrets, config paths, or additional credentials are requested.
Persistence & Privilege
always is false and the skill does not request persistent elevated privileges or modify other skills. It documents configuring keys via openclaw.json or UI, which is normal for credential injection.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install seedream5
- After installation, invoke the skill by name or use /seedream5
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Volcano Engine Doubao Seedream 5.0 image generation
Frequently Asked Questions
What is Seedream5?
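Seedream5 generates or edits images with Volcano Engine Doubao Seedream 5.0. It supports text-to-image, single-image/multi-image image-to-image, image sets, and web search. It is an AI Agent Skill for Claude Code / OpenClaw, with 344 downloads so far.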
How do I install Seedream5?
Run "/install seedream5" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Seedream5 free?
Yes, Seedream5 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Seedream5 support?
Seedream5 is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Seedream5?
It is built and maintained by zealman2025 (@zealman2025); the current version is v1.0.0.