Dlazy Get Trends Videos

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a TikTok trend metadata tool, but its own documentation inconsistently suggests it may download or return hosted media by default.

Install only after reviewing the real CLI behavior and confirming whether video downloads are disabled or explicitly intended. Treat the skill as potentially sending requests to third-party services and producing hosted media artifacts, not as a guaranteed metadata-only lookup tool.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding: The skill repeatedly claims it only returns metadata and does not download files, yet the documented CLI exposes `--downloadVideos` for TikTok with a default of `true`. This creates a misleading trust boundary: an agent or user may invoke the skill expecting metadata-only behavior while actually causing video files to be fetched and stored remotely, increasing data transfer, storage, and policy/compliance risk.

Intent-Code Divergence

Medium
Confidence: 88%
Finding: The advertised purpose is returning trending-video metadata, but the output schema shows an `image` object hosted on `files.dlazy.com`, and the example command uses an unrelated `--prompt` argument. Such contradictions make it hard for agents to reason safely about what will be produced or transferred, increasing the chance of unintended external file generation, retrieval, or downstream misuse.

Description-Behavior Mismatch

High
Confidence: 94%
Finding: The skill repeatedly claims it returns metadata only and does not download files, but later exposes a `--downloadVideos` option and references playable URLs and a separate download flow. This mismatch can mislead an agent or user into authorizing a tool under a lower-risk assumption, causing unexpected retrieval, storage, or sharing of video content and associated URLs.

Intent-Code Divergence

High
Confidence: 92%
Finding: The documentation contradicts itself on whether video-file downloads are handled, creating security-relevant ambiguity about data flow and persistence. In an agent setting, such ambiguity can defeat policy gating, user consent, and least-privilege assumptions because operators may believe the skill is metadata-only when it can trigger downloadable media generation or retrieval.

Intent-Code Divergence

Medium
Confidence: 90%
Finding: The documented output format and example describe a generic image-generation tool rather than trending-video metadata, which undermines reliable downstream handling and review. An agent expecting safe metadata may instead process unrelated output structures or media URLs, increasing the chance of incorrect automation, hidden side effects, or unsafe chaining into other tools.

Missing User Warnings

Medium
Confidence: 93%
Finding: The skill description omits that the default behavior may trigger TikTok video downloading via `--downloadVideos [default: true]`. Hidden default side effects are dangerous in agent contexts because a caller expecting read-only metadata collection may unknowingly initiate file acquisition and remote storage, with bandwidth, copyright, and compliance implications.

Missing User Warnings

Medium
Confidence: 88%
Finding: The skill omits a prominent warning that enabling video downloads can create or persist video files or hosted URLs despite earlier metadata-only claims. That omission weakens informed consent and may cause users or agents to expose copyrighted, sensitive, or unnecessary media artifacts to third-party storage without realizing it.

VirusTotal

64/64 vendors flagged this skill as clean.