Low risk: risk score 20/100
Last scanned: 22 hours ago
img2img - image-to-image capability
Generates images from text descriptions using the OpenAI DALL-E 3 API
Straightforward DALL-E image generation skill with minor supply-chain and TLS verification concerns, but no malicious behavior detected.
Skill name: img2img - image-to-image capability
Analysis time: 28.4s
Engine: pi
OK to install
Pin the openai dependency to a specific version and remove rejectUnauthorized:false from the Node.js script to strengthen the security posture.

Security findings: 2

Severity | Finding | Location
Medium
Unpinned openai dependency (Supply chain)
package.json declares 'openai: ^6.32.0' without a strict version pin. This allows major version upgrades automatically, exposing the skill to supply chain attacks from a compromised upstream release.
"openai": "^6.32.0"
→ Pin to a specific version: "openai": "6.32.0" or use a lockfile strategy
package.json:3
Medium
TLS certificate verification disabled (Sensitive access)
gen_image.js sets rejectUnauthorized:false on the HTTPS agent, disabling SSL/TLS certificate validation. This exposes API communication to man-in-the-middle attacks, potentially leaking the API key.
httpAgent: new https.Agent({ rejectUnauthorized: false })
→ Remove the httpAgent option entirely; let the default TLS verification apply
gen_image.js:13
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | NONE | | No filesystem access in any script
Network access | READ | READ | ✓ Consistent | Both scripts only make outbound HTTPS requests to api.openai.com
Command execution | NONE | NONE | | No subprocess or shell execution found
Environment variables | READ | READ | ✓ Consistent | Scripts read API_KEY env var, which is declared in SKILL.md
Skill invocation | NONE | NONE | | No skill invocation found
Clipboard | NONE | NONE | | No clipboard access found
Browser | NONE | NONE | | No browser access found
Database | NONE | NONE | | No database access found

Directory structure

5 files · 3.5 KB · 162 lines
Python 1f · 45L JavaScript 1f · 41L Markdown 1f · 38L JSON 2f · 38L
├─ 📜 gen_image.js JavaScript 41L · 982 B
├─ 🐍 gen_image.py Python 45L · 1.1 KB
├─ 📋 package-lock.json JSON 33L · 745 B
├─ 📋 package.json JSON 5L · 52 B
└─ 📝 SKILL.md Markdown 38L · 728 B

Dependency analysis: 1 item

Package | Version | Source | Known vulnerabilities | Notes
openai | ^6.32.0 | npm | | Version not pinned; caret allows major version upgrades

Security highlights

✓ SKILL.md accurately describes the skill's behavior and matches implementation
✓ No obfuscation, base64, or hidden code paths detected
✓ No credential exfiltration or data theft behavior
✓ No sensitive file or path access (~/.ssh, ~/.aws, .env) beyond the declared API_KEY env var
✓ No reverse shell, C2, or remote code execution patterns
✓ API key is used only for the declared DALL-E API call and not transmitted elsewhere