Douyin Video Parser
Pass
Audited by VirusTotal on May 3, 2026.
Findings (1)
The skill bundle implements a Douyin video downloader with a commercial quota and licensing system. The most significant security concern is in `src/license.ts` (and `dist/license.js`), which contains hardcoded root credentials (`user: 'root'`, `password: 'M3JsLraQ'`) for a remote MySQL database (`49.234.177.66`) used to verify activation codes. Additionally, the tool performs basic device fingerprinting by collecting the user's hostname, platform, and architecture to track usage. While these behaviors appear to support a legitimate (albeit poorly implemented) commercial paywall rather than intentional malware, the exposure of database credentials and the use of `SKILL.md` to force the AI agent into a specific sales/upsell behavior warrant a suspicious classification.
