
Security audit

Douyin Topic Hotspot Collector

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is for collecting public Douyin search results and optionally exporting them, with no executable code or hidden behavior found.

Install only if you are comfortable with the agent opening Douyin pages and reading public result fields. Do not log into Douyin for this task, and confirm any export path before allowing a file save, especially on shared machines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding:
The test cases expand the skill behavior from merely searching and returning hotspot videos to writing files on the user's desktop. That creates a capability mismatch: an agent implemented to satisfy these tests may perform local file-system side effects that users and reviewers would not expect from the stated manifest, increasing the risk of unintended file creation or unsafe write locations.

Missing User Warnings

Low
Confidence: 84%
Finding:
The test case requires exporting to the desktop but does not mention confirmation, overwrite handling, or file creation risks. In practice, this can normalize silent local writes and lead to accidental overwriting of existing files or unexpected persistence of potentially sensitive output on a shared machine.

VirusTotal

66/66 vendors flagged this skill as clean.
