Tiktok To Mealie

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill clearly says it imports TikTok recipes into Mealie and uses a Mealie token, with no hidden code or unrelated behavior found.

Install this only if you want an agent to use your Mealie credentials to create recipes and upload cover images. Use a dedicated or least-privilege token if Mealie supports it, keep the token out of shared files and logs, and ask for a preview first when you want extraction without immediate import.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium, 89% confidence

Finding: The README explicitly states that the skill will import recipes into Mealie and upload cover images, which are remote state-changing actions against a user's service. Without a clear warning that the skill modifies user data and may create or overwrite content, users may invoke it without understanding the side effects, increasing the risk of unintended writes or misuse of a high-privilege API token.

Missing User Warnings

Low, 84% confidence

Finding: The README asks users to supply a Mealie API token and suggests storage locations, but does not label the token as sensitive or provide minimum secure-handling guidance. This can normalize unsafe credential practices, such as storing long-lived tokens in poorly protected local files or sharing them inappropriately, which could enable unauthorized access to the user's Mealie instance.

Natural-Language Policy Violations

Medium, 84% confidence

Finding: The file instructs the skill to automatically match the user's language when reconstructing recipe content, but it does not require explicit user confirmation of language or locale. This can cause unintended inference or use of sensitive locale preferences and may produce outputs in a language the user did not actually want, especially for multilingual users or ambiguous contexts.

VirusTotal

66/66 vendors flagged this skill as clean.