doubao-all-in-one Security Report — Trusted | ClawSafe

5 /100

doubao-all-in-one

使用豆包（火山引擎 Ark）生成图片或视频，将结果保存到本地

Legitimate Doubao/Volcengine AI media generation skill with no malicious indicators; all network activity is to official API endpoints.

Skill Namedoubao-all-in-one

Duration35.1s

Enginepi

✓

Safe to install

No action needed. The skill is safe to use.

Findings 1 items

Severity	Finding	Location
Low	Local IP detection via 8.8.8.8 socket connection Sensitive Access The get_local_ip() function in create_video_task.py uses s.connect(('8.8.8.8', 80)) to determine the local network interface IP. This is a standard, well-documented technique used by many tools (including requests library). 8.8.8.8 is Google's public DNS — not a C2 or exfiltration endpoint. `s.connect(("8.8.8.8", 80))` → No action needed. This is legitimate behavior. Could optionally use a different anchor like 1.1.1.1 for diversity, but 8.8.8.8 is benign here.	`scripts/create_video_task.py:45`

Resource	Declared	Inferred	Status	Evidence
Network	`READ`	`READ`	✓ Aligned	All outbound requests to ark.cn-beijing.volces.com, the official Doubao Ark API …
Filesystem	`WRITE`	`WRITE`	✓ Aligned	Writes to OUTPUT_ROOT/outputs/doubao/ only, as declared in SKILL.md
Environment	`READ`	`READ`	✓ Aligned	Reads ARK_API_KEY and OUTPUT_ROOT env vars only, as declared in SKILL.md
Shell	`WRITE`	`WRITE`	✓ Aligned	Uses uv run python for script execution, as declared in SKILL.md

1 High 2 findings

📡

High IP Address 硬编码 IP 地址

8.8.8.8

scripts/create_video_task.py:45

🔗

Medium External URL 外部 URL

https://ark.cn-beijing.volces.com/api/v3

scripts/common.py:57

File Tree

14 files · 84.0 KB · 2227 lines

Python 9f · 1535L Markdown 4f · 688L YAML 1f · 4L

├─ ▾ 📁 agents

│ └─ 📋 openai.yaml YAML 4L · 272 B

├─ ▾ 📁 references

│ ├─ 📝 seedance_1_5_pro_prompt_guide.md Markdown 162L · 7.6 KB

│ ├─ 📝 seedream_prompt_guide.md Markdown 97L · 6.4 KB

│ └─ 📝 usage.md Markdown 44L · 1.2 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 common.py Python 392L · 11.9 KB

│ ├─ 🐍 create_video_task.py Python 343L · 11.4 KB

│ ├─ 🐍 delete_video_task.py Python 51L · 1.4 KB

│ ├─ 🐍 download_video.py Python 61L · 1.9 KB

│ ├─ 🐍 image_to_image.py Python 148L · 5.9 KB

│ ├─ 🐍 list_video_tasks.py Python 68L · 2.1 KB

│ ├─ 🐍 query_video_task.py Python 116L · 3.7 KB

│ ├─ 🐍 text_to_image.py Python 136L · 5.5 KB

│ └─ 🐍 webhook_server.py Python 220L · 8.2 KB

└─ 📝 SKILL.md Markdown 385L · 16.2 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`volcengine-python-sdk[ark]`	`*`	pip	No	Version not pinned, but package source is trusted (official Volcengine SDK)
`flask`	`*`	pip	No	Version not pinned in webhook_server.py

Security Positives

✓ No credential theft — only reads ARK_API_KEY which is required for the Doubao API

✓ No data exfiltration — all network traffic goes to ark.cn-beijing.volces.com (official Volcengine endpoint)

✓ No obfuscation — all code is plaintext Python, easy to audit

✓ No RCE or subprocess abuse — uses uv run python as declared in SKILL.md

✓ No hidden functionality — SKILL.md accurately describes all capabilities

✓ Webhook server binds to localhost only (127.0.0.1:8888) with token-based auth

✓ SQLite database is stored locally under OUTPUT_ROOT, not externally accessible

✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files

✓ Pinned SDK dependency: volcengine-python-sdk[ark]

✓ Webhook server includes IP-based access control rejecting non-localhost origins

Scan Report

Findings 1 items

File Tree

Dependencies 2 items

Security Positives