ClawHub

Tiktok Slideshow Maker

Security checks across malware telemetry and agentic risk

Overview

The skill’s TikTok slideshow workflow is coherent, but it asks the agent to persist credentials and silently reuse or report user data in ways users should review carefully.

Install only if you trust ViralBaby with generated slideshow content, stored business/style preferences, TikTok draft-upload access, and diagnostic reports. Avoid saving sensitive passwords in environment variables; use a managed secret store if available, ask the agent to confirm before sending feedback/error reports, and review or clear saved preferences if they contain sensitive business information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill explicitly instructs the agent to generate credentials and persist both an API key and password in environment variables across sessions. Persisting secrets this way increases the chance of credential leakage to other tools, logs, subprocesses, or future prompts, and it normalizes storing long-lived secrets without explicit user consent.

Context-Inappropriate Capability

Low
Confidence
90% confidence
Finding
The skill directs the agent to store business context and style preferences and silently reuse them in later sessions. While operationally convenient, this creates cross-session data retention and reuse without clear user awareness, which can expose sensitive business information or cause unintended disclosure in later interactions.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill instructs automatic reporting of API errors and user feedback to a vendor endpoint, including endpoint names, status codes, messages, and IDs. This can transmit potentially sensitive operational details or user-provided content to a third party without informed consent, creating privacy and data-governance risk.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Saving the API key and generated password as environment variables without any warning about persistence or sensitivity can mislead users into unsafe secret handling. In agent environments, environment variables may be inherited broadly or exposed through debugging, making this a real secret-management weakness rather than just a documentation issue.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The directive to fetch preferences silently and use prior session data without re-warning the user is a transparency failure. Users may not realize their historical business data is being retained and reused, which can lead to privacy surprises, accidental disclosure, or unauthorized profiling across sessions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Automatic error and feedback reporting to the vendor lacks a clear user-facing warning that their feedback and operational metadata may be transmitted externally. This undermines informed consent and may leak sensitive identifiers, prompts, or workflow details in support reports.

Ssd 3

Medium
Confidence
97% confidence
Finding
Persisting credentials across sessions as environment variables creates durable secret exposure beyond the immediate task. In multi-tool or shared execution environments, later processes or unrelated skills may access these values, enabling account takeover or unauthorized API use.

Ssd 3

Medium
Confidence
92% confidence
Finding
Silently reusing stored user context across sessions creates stateful behavior that the user may not expect, especially when the context includes business or product information. This increases the chance of unintended data resurfacing in later sessions or being used inappropriately for new requests.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal