Back to skill

Security audit

TikTok Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed TikTok publishing helper that sends user-selected videos or URLs to MyBrandMetrics, so it is consequential but not deceptive or out of scope.

Install only if you intend to give this skill a MyBrandMetrics API key for a TikTok account. Start with SELF_ONLY for tests, confirm the exact account, media, title, privacy level, and schedule before posting, and do not pass private local files or internal URLs unless you are comfortable sending them to MyBrandMetrics for TikTok publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation instructs users to place an API key in a local config file and use scripts that read local files and make outbound network requests, but the skill declares no permissions. That mismatch weakens least-privilege controls and can cause users or platforms to authorize a skill without understanding it can access filesystem content, environment/config secrets, and remote URLs.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The example scheduling prompt is broad enough that an agent could initiate a high-impact action chain from a natural-language request plus a Google Sheet URL, leading to bulk posting or unintended publication if sheet contents are incomplete, changed, or attacker-controlled. Because the workflow can read external sheet data and drive publishing actions, vague trigger phrasing increases the risk of unauthorized or insufficiently confirmed automation.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script sends either local files or remote video URLs to an external third-party API but provides no explicit user-facing warning about that transmission at the point of use. In an agent skill context, this increases the risk that users or upstream agents may supply sensitive local files or internal URLs without fully appreciating they will be disclosed externally.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.