ClawHub

抖音热点上升榜

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Douyin trend-analysis skill that calls a disclosed external API with a user-provided API key, with no evidence of hidden, destructive, or unrelated behavior.

Install if you are comfortable sending Douyin trend keywords, tags, and related query parameters to ai-skills.ai using your AISKILLS_API_KEY. Keep the API key private, avoid putting secrets or sensitive business data in the query params, and consider invoking the skill explicitly if you want tighter control over when API calls happen.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill requires an API key and documents direct calls to an external AI Skills API, which means it uses both environment secrets and network access without any declared permissions boundary. This creates a transparency and governance gap: users and platforms cannot clearly understand that the skill will transmit data externally and consume sensitive credentials.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation says the runner sends user-supplied parameters to the AI Skills API but does not warn that input content leaves the local environment and is transmitted to a third-party service. Users may unknowingly submit sensitive business plans, unpublished campaign ideas, or personal data, creating privacy, compliance, and confidentiality risks.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill enables implicit invocation with no visible trigger constraints, exclusions, or scope limits. That can cause the assistant to auto-select this skill in loosely related conversations, increasing the chance of unintended data exposure, unexpected behavior, or user confusion about when the skill is being used.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script takes arbitrary CLI-supplied params and forwards them to a remote API endpoint, which can expose sensitive user data to an external service without any explicit disclosure, consent prompt, or local minimization. In this skill context, remote execution is expected, but the lack of transparency and filtering still creates a real privacy and data-handling risk if users include secrets, personal data, or proprietary business information in params.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal