Douyin Video Publisher

The skill is classified as suspicious due to its reliance on high-risk capabilities, including local command execution (`node`, `uvx`) via `mcporter`, browser automation (Puppeteer), and direct file system access for video uploads. While these capabilities are necessary for the stated purpose of publishing videos to Douyin, they create a significant attack surface. The `SKILL.md` defines these powerful tools and their execution paths, making the skill vulnerable to potential prompt injection or command injection if the OpenClaw agent's input sanitization or sandboxing is insufficient. There is no explicit evidence of intentional malicious behavior (e.g., data exfiltration to unauthorized endpoints, backdoors, or obfuscated payloads) within the provided files, but the inherent power of the operations warrants a 'suspicious' classification.