即梦 AI 图片生成（4.0）

Name: jimeng-image-gen
Author: ken0521

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

70High

This image generation skill is highly vulnerable to prompt,

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

即梦 AI 图片生成（4.0）: 基于火山引擎**即梦 AI 图片生成 4.0** 异步接口，纯 Node.js 内置模块，零依赖。

Actually does

The skill executes Node.js scripts (`jimeng.mjs`) to interact with the Volcano Engine Jimeng AI Image Generation 4.0 API. It uses `JIMENG_ACCESS_KEY` and `JIMENG_SECRET_KEY` for authentication and accepts user-provided prompts, image URLs, and output parameters to generate and optionally save images locally.

Threat Analysis

AI Agent Traps ↗Scanned 4/16/2026

Content InjectionPerception1 finding

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction4 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Nameken0521/jimeng-image-gen

Registryclawhub

Version1.0.0

PURLpkg:clawhub/ken0521/jimeng-image-gen@1.0.0

Stars4

Downloads1,161

Installs3

Source

Repository ↗

SHA-2569c0e5dcd5c95...

SHA-10934b96e56d8...

MD598675da772dd...

TLSHc261c5ec8d23...

Size3,402 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/ken0521/jimeng-image-gen

1,161 downloads3 installs

ClawHubDocs

openclaw skills install ken0521/jimeng-image-gen

Assessments (2)

AI Agent Traps ↗

Prompt Injection Detectedhighprompt injection

DeBERTa classifier detected prompt injection (confidence: 0.78)

78% confidence

Arbitrary File Write via --save parameterhighcommand execution

The `--save <路径>` parameter allows users to specify a local file path for saving images. Without proper sanitization, this could lead to path traversal or writing files to arbitrary locations on the system.

90% confidenceline 82

`--save <路径>` | 保存图片到本地

Server-Side Request Forgery (SSRF) via --image-urlhighssrf

The `--image-url` parameter accepts a user-provided URL. If the skill fetches content from this URL without validation, it could be exploited for SSRF to probe internal networks or access internal resources.

90% confidenceline 75

`--image-url` | 参考图 URL

Potential Command Injection via user input parametersmediumcommand execution

User-controlled inputs like `--prompt`, `--text`, `--color`, and `--illustration` are passed to a Node.js script. If these inputs are not properly escaped when used in subsequent shell commands within the script, it could lead to command injection.

70% confidenceline 30

node {baseDir}/scripts/jimeng.mjs generate --prompt "..."

Resource Abuse / Financial Impactmediumimpact

The skill's billing model charges per output image, and the AI may generate multiple images by default. An attacker could intentionally submit requests designed to generate many images, incurring high costs for the user or platform.

80% confidenceline 73

计费：按输出图片张数计费，AI 默认可能输出多张

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/ken0521/jimeng-image-gen.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/ken0521/jimeng-image-gen)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/ken0521/jimeng-image-gen"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/ken0521/jimeng-image-gen.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/ken0521/jimeng-image-gen.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow