ClawHub

douyin-guoxue-volcengine-pipeline

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for making Douyin videos, but it can publish public posts using local account credentials without a clear final approval step.

Install only if you intend the agent to help create and publish Douyin videos. Before running it, review the referenced companion scripts, use a dedicated or least-privilege Volcengine key and Douyin account where possible, and require a manual final approval of the video, title, account, and AI-content declaration before any publish command runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs the agent to publish content to Douyin and verify that it appears in the creator backend, but it provides no user-facing consent, confirmation, or warning that this will create a real public post on an external account. In an agent setting, this creates a meaningful risk of unauthorized or accidental actions against a user’s social-media account, with reputational and operational consequences.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs loading a local `.volcengine_config` file into process environment variables, which likely contains API credentials or other secrets, but it gives no warning about sensitive-secret handling, scope limitation, or avoiding disclosure in logs/output. This increases the chance that credentials are exposed, mishandled, or reused in unintended subprocesses during the pipeline.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal