Skills
skills/bytedance/agentkit-samples/byted-seedream-image-generate/Gen Agent Trust Hub

byted-seedream-image-generate

Fail

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/seedream_image_generate.py contains a logging statement that prints the full HTTP request headers to the standard output. This includes the Authorization header with the Bearer token (API Key), leading to potential credential exposure in logs or terminal history.
  • [COMMAND_EXECUTION]: The skill executes a local Python script to perform image generation tasks, including prompt processing and communication with the external API.
  • [EXTERNAL_DOWNLOADS]: The script makes network requests to ark.cn-beijing.volces.com to access the Volcano Engine Seedream image generation service. This is the official endpoint provided by the vendor ByteDance for the skill's primary functionality.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 10, 2026, 08:45 AM