Douyin Comment Auto Reply
v0.1.0Douyin comment operations workflow for your own account videos. Use when the user wants to collect, classify, draft, review, or semi-automate replies to comm...
⭐ 0· 60·0 current·0 all-time
byKoi@jinhuadeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match included scripts and SKILL.md: batch drafting and browser-based reply execution for the user's own Douyin videos. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md remains scoped to the user's own account and provides guardrails (dry-run, force-review, skip high-risk types). It instructs browser automation against the Douyin creator page and to generate drafts first — this is expected. Operators must follow the documented safeguards (dry-run, selectors, manual review) to avoid accidentally replying to the wrong comments or performing undesirable mass actions.
Install Mechanism
There is no install spec; the skill is instruction+scripts only. The browser executor relies on running 'npx -y agent-browser' by default at runtime, which will fetch and run code from the npm registry. That is a reasonable choice for a browser automation executor but carries the usual risks of fetching remote packages at runtime; verify the agent-browser package/source before production use.
Credentials
No environment variables, credentials, or config paths are requested. The scripts operate on local CSV/JSON files and a user-provided Douyin URL/selectors — this is proportionate to the stated functionality.
Persistence & Privilege
Skill is not marked always:true and does not attempt to modify other skills or global agent config. It writes local sent-log files for audit, which is appropriate for reply automation.
Assessment
This skill appears to do what it says: batch-classify comments and optionally drive browser automation to post replies. Before running any real-send automation: (1) always run --dry-run and verify selectors on the Douyin page; (2) review the generated drafts and keep manual review for price/support/skepticism; (3) be aware the executor runs 'npx -y agent-browser' by default — inspect/verify that package or provide a trusted --browser-cmd; (4) note the scripts use subprocess.run(shell=True) for invoking agent-browser; avoid passing untrusted values into --browser-cmd or session-name to prevent injection risks; (5) keep backups of your comment exports and review the sent-log output to audit what was sent. If you need higher assurance, ask the author for provenance of the agent-browser tool or adapt the executor to call a vetted local automation binary instead of npx.Like a lobster shell, security has layers — review code before you run it.
latestvk97e5xqqv7h1ne3r7k997j1gan844f6a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.