chenyu-aigc 安全扫描报告 — 可信 | ClawSafe

0 /100

chenyu-aigc

Generate AI videos and images via Chenyu Studio AIGC API. Supports text-to-video, image-to-video, video extension, style transfer, and AI image generation.

Documentation-only AI video generation skill that makes direct API calls to the declared Chenyu Studio endpoint using standard CLI tools — no hidden functionality, no exfiltration, no malicious patterns.

技能名称chenyu-aigc

分析耗时26.5s

引擎pi

✓

可以安装

Approve for use. The skill is a pure-document skill with no executable code; all shell usage (curl, jq, uuidgen, base64) is declared and serves a single, documented purpose: orchestrating AI video/image generation via the Chenyu API.

安全发现 1 项

严重性	安全发现	位置
低危	Undeclared filesystem:WRITE for temp file writes execute-recipe.md instructs the agent to write JSON payloads to /tmp/payload.json when handling large base64 data URIs, but SKILL.md metadata does not declare filesystem:WRITE access. This is a minor documentation gap, not a security violation. `cat > /tmp/payload.json <<EOF { "inputs": [...] } EOF` → Add 'filesystem:WRITE' to the metadata requires.env entry or document the /tmp usage in the description. Since the file is always local /tmp, the blast radius is minimal.	`execute-recipe.md:66`

资源类型	声明权限	推断权限	状态	证据
网络访问	`READ`	`READ`	✓ 一致	SKILL.md:48 — all curl calls target the declared $CHENYU_BASE_URL
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md:9-10 — declares curl, jq, uuidgen, base64 as required binaries
环境变量	`READ`	`READ`	✓ 一致	SKILL.md:11 — CHENYU_API_KEY and CHENYU_BASE_URL used for auth and config only
文件系统	`NONE`	`WRITE`	✓ 一致	execute-recipe.md:66 — writes /tmp/payload.json for large JSON bodies; not decla…
剪贴板	`NONE`	`NONE`	—
浏览器	`NONE`	`NONE`	—
数据库	`NONE`	`NONE`	—
技能调用	`NONE`	`NONE`	—

1 项发现

🔗

中危外部 URL 外部 URL

https://chenyu.pro

SKILL.md:52

目录结构

3 文件 · 9.2 KB · 287 行

Markdown 3f · 287L

├─ 📝 execute-recipe.md Markdown 146L · 4.6 KB

├─ 📝 manage-tasks.md Markdown 56L · 1.8 KB

└─ 📝 SKILL.md Markdown 85L · 2.7 KB

安全亮点

✓ No executable code — this is a documentation-only skill with zero attack surface from code execution

✓ All network traffic is to the single, clearly declared Chenyu Studio API endpoint (https://chenyu.pro)

✓ No credential exfiltration — CHENYU_API_KEY is used exclusively for Bearer-token auth to the declared API

✓ No base64 obfuscation — base64 is used only for converting local image files to data URIs, which is documented and necessary

✓ No subprocess chain abuse or command injection vectors

✓ No access to sensitive local paths (~/.ssh, ~/.aws, .env, etc.)

✓ No download-and-execute patterns (curl|bash, wget|sh)

✓ No hidden HTML content, obfuscated strings, or steganographic payloads

✓ All shell commands are declared as required binaries (curl, jq, uuidgen, base64)

✓ Idempotency-Key header prevents accidental duplicate task submissions