← Back to Directory

OpenAI Image Gen

Scanned on 2/7/2026

72/100low

Legitimate OpenAI image generation script with proper API usage, but has path traversal risks and writes files to user-controlled locations without sufficient validation.

Trust Score
72/100
Risk Level
medium
Issues Found
5

Security Analysis

This script is a legitimate OpenAI image generation tool with generally good security practices. It properly uses the official OpenAI API, handles credentials via environment variables, and includes basic input sanitization. However, it has medium-severity filesystem security concerns: the --out-dir parameter allows users to specify arbitrary write locations without validation, and while the slugify() function sanitizes prompts used in filenames, there's no explicit check to prevent path traversal characters in the final filename. The script also downloads content from API-provided URLs without validation. These issues don't represent immediate critical risks for typical usage, but could be exploited if an attacker controls the input parameters or if the OpenAI API is compromised. The trust score of 72 reflects that this is functional, legitimate code with standard security practices but requiring filesystem access hardening before use in production environments.

Security Findings

medium - filesystem

Path traversal vulnerability in output directory - user-supplied --out-dir is expanded but not validated, allowing writes to arbitrary filesystem locations

Evidence:

out_dir = Path(args.out_dir).expanduser() if args.out_dir else default_out_dir() out_dir.mkdir(parents=True, exist_ok=True)
Recommendation: Validate that the resolved output directory is within expected boundaries. Reject paths containing '..' or absolute paths outside safe zones. Use Path.resolve() and check if it's a subdirectory of allowed locations.
medium - filesystem

Filename generation uses user-controlled prompt data with insufficient sanitization - slugify() may not prevent all path traversal attempts

Evidence:

filename = f"{idx:03d}-{slugify(prompt)[:40]}.{file_ext}" filepath = out_dir / filename
Recommendation: Add explicit validation to ensure filename doesn't contain path separators ('/', '\') after slugification. Consider using a whitelist approach for allowed characters.
low - network

Downloads images from URLs returned by API without content validation - could potentially write malicious content if API is compromised

Evidence:

urllib.request.urlretrieve(image_url, filepath)
Recommendation: Validate downloaded content type and size before writing. Consider checking magic bytes to ensure it's actually an image file.
low - credentials

API key is read from environment variable and used in network requests - standard practice but key could be exposed in error messages or logs

Evidence:

api_key = (os.environ.get("OPENAI_API_KEY") or "").strip() headers={"Authorization": f"Bearer {api_key}"}
Recommendation: Ensure error handling doesn't leak the API key. Current implementation is acceptable but consider adding explicit sanitization in error messages.
info - network

Long timeout (300 seconds) for API requests could cause hanging if service is unresponsive

Evidence:

with urllib.request.urlopen(req, timeout=300) as resp:
Recommendation: Consider reducing timeout or making it configurable. 300 seconds is reasonable for image generation but could be optimized.

✅ Good Security Practices

  • Uses official OpenAI API endpoint (api.openai.com) with no suspicious external domains
  • No use of eval(), exec(), or subprocess calls
  • No obfuscation techniques detected
  • Proper error handling with informative messages
  • API key is read from environment variable (secure practice)
  • Uses standard library modules only (no suspicious dependencies)
  • Code is well-structured and readable
  • Implements reasonable input sanitization with slugify() function

Source Information

ClawHub Page:clawhub.com/skills/openai-image-gen
Source URL:/opt/homebrew/lib/node_modules/openclaw/skills/openai-image-gen
Code Size:8,050 characters
Semgrep Findings:0