seedream-image
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script,
generate.py, to perform API requests for image generation. This is the primary function of the skill and is initiated after user confirmation of the generated prompts. - [EXTERNAL_DOWNLOADS]: The
generate.pyscript downloads generated images from URLs provided by the Volcengine (ByteDance) API. These files are saved to a localoutput/directory as part of the intended workflow. - [CREDENTIALS_UNSAFE]: The tool manages API keys using a local
.envfile or environment variables. The documentation correctly identifies this as a requirement and provides clear instructions and warnings against committing sensitive credentials to version control.
Audit Metadata