ClawHub

抖音热点总榜

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Douyin hotlist lookup skill that calls an external AI Skills API, with no evidence of hidden, destructive, or persistent behavior.

Install only if you are comfortable providing an AI Skills API key and allowing calls to ai-skills.ai for Douyin hotlist results. Avoid including confidential business context in parameters, and narrow or disable implicit invocation if your environment supports it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill requires an API key and instructs users to call an external API, which implies network access and use of sensitive environment variables, yet no permissions are declared. This weakens transparency and permission review, increasing the chance that users invoke a networked skill without understanding it will access secrets and make outbound requests.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The documentation says parameters are sent to the AI Skills API but does not clearly warn that user-supplied data will leave the local environment and be transmitted to an external service. This can cause unintentional disclosure of sensitive business context, prompts, or other data if users assume the skill runs locally.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger question "现在最热门的是什么?" is broad and conversational, so it can match ordinary user dialogue rather than an explicit request to invoke this skill. That increases the chance of unintended or overly eager skill activation, which can cause unexpected external API calls and leak user context into a third-party service.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal