img2img - 图生图能力 Security Report — Low Risk | ClawSafe

20 /100

img2img - 图生图能力

使用 OpenAI DALL-E 3 API 根据文字描述生成图片

Straightforward DALL-E image generation skill with minor supply-chain and TLS verification concerns, but no malicious behavior detected.

Skill Nameimg2img - 图生图能力

Duration28.4s

Enginepi

✓

Safe to install

Pin the openai dependency to a specific version and remove rejectUnauthorized:false from the Node.js script to strengthen the security posture.

Findings 2 items

Severity	Finding	Location
Medium	Unpinned openai dependency Supply Chain package.json declares 'openai: ^6.32.0' without a strict version pin. This allows major version upgrades automatically, exposing the skill to supply chain attacks from a compromised upstream release. `"openai": "^6.32.0"` → Pin to a specific version: "openai": "6.32.0" or use a lockfile strategy	`package.json:3`
Medium	TLS certificate verification disabled Sensitive Access gen_image.js sets rejectUnauthorized:false on the HTTPS agent, disabling SSL/TLS certificate validation. This exposes API communication to man-in-the-middle attacks, potentially leaking the API key. `httpAgent: new https.Agent({ rejectUnauthorized: false })` → Remove the httpAgent option entirely; let the default TLS verification apply	`gen_image.js:13`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No filesystem access in any script
Network	`READ`	`READ`	✓ Aligned	Both scripts only make outbound HTTPS requests to api.openai.com
Shell	`NONE`	`NONE`	—	No subprocess or shell execution found
Environment	`READ`	`READ`	✓ Aligned	Scripts read API_KEY env var, which is declared in SKILL.md
Skill Invoke	`NONE`	`NONE`	—	No skill invocation found
Clipboard	`NONE`	`NONE`	—	No clipboard access found
Browser	`NONE`	`NONE`	—	No browser access found
Database	`NONE`	`NONE`	—	No database access found

5 files · 3.5 KB · 162 lines

Python 1f · 45L JavaScript 1f · 41L Markdown 1f · 38L JSON 2f · 38L

├─ 📜 gen_image.js JavaScript 41L · 982 B

├─ 🐍 gen_image.py Python 45L · 1.1 KB

├─ 📋 package-lock.json JSON 33L · 745 B

├─ 📋 package.json JSON 5L · 52 B

└─ 📝 SKILL.md Markdown 38L · 728 B

Package	Version	Source	Known Vulns	Notes
`openai`	`^6.32.0`	npm	No	Version not pinned; caret allows major version upgrades

✓ SKILL.md accurately describes the skill's behavior and matches implementation

✓ No obfuscation, base64, or hidden code paths detected

✓ No credential exfiltration or data theft behavior

✓ No sensitive file or path access (~/.ssh, ~/.aws, .env) beyond the declared API_KEY env var

✓ No reverse shell, C2, or remote code execution patterns

✓ API key is used only for the declared DALL-E API call and not transmitted elsewhere