Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

TikTok Viral Slideshow Automation

v1.0.1

Automates creation and uploading of educational TikTok slideshows with AI-generated images and tracks performance via AutomateClips API.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to automate TikTok slideshows and upload via AutomateClips, which reasonably requires an AutomateClips API key and an image-generation API key. However, the registry metadata lists no required environment variables or primary credential, which is inconsistent with the SKILL.md that explicitly asks for AUTOMATECLIPS_API_KEY and optional REPLICATE/OPENAI/GOOGLE keys. That omission is unexpected and unexplained.
Instruction Scope
The SKILL.md stays focused on slideshow generation: it walks through conversational setup, asset collection, selecting an image-generation backend, and uploading via AutomateClips. It instructs creating a project folder, asking for specific files (e.g., reference_mascot.png), and creating a Python script to call the chosen image API. Those actions are within scope, but the instructions also empower the agent to adapt arbitrary user-supplied generation commands (Option D) and to create and execute code; that gives the agent broad discretion and increases risk if the generated script is not reviewed.
Install Mechanism
There is no formal install spec in the package (instruction-only), which limits static analysis. The SKILL.md tells the user to run 'pip install replicate' when using Replicate. Asking users to install packages and create a Python script is common, but pip installs carry moderate risk if users install unreviewed packages — and the skill bundle does not include the code to review (the SKILL.md truncates the script in the copy provided).
Credentials
The instructions explicitly require sensitive credentials: AutomateClips API key (ac_sk_...), AutomateClips TikTok Account ID, and optionally REPLICATE_API_TOKEN, OPENAI API key, or Google AI Studio key depending on the chosen image backend. Those requests are plausible for the described functionality, but the registry metadata incorrectly lists no required env vars or primary credential. This mismatch reduces transparency and is a red flag.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not request system-wide configuration changes. It asks the user to create files in a project folder and to set environment variables for each session; that is normal for a local workflow and does not indicate elevated platform privileges.
What to consider before installing
Do not proceed blindly. Key points to consider before installing/using this skill:
- The SKILL.md requires sensitive API keys (AutomateClips and an image-provider key), but the published metadata omits these; ask the publisher why credentials were not declared.
- Never paste secret keys into a chat; set and export them in your own shell only if you trust and have reviewed the code that will use them.
- The skill instructs you to create and run a Python script (nano_banana-2.py). Request the full script content and review it line by line (or have a developer review it) before running it or pip-installing dependencies.
- Use test accounts and short-lived API keys where possible. Rotate keys after testing and limit the AutomateClips/TikTok account privileges.
- Because this is instruction-only, static scanners could not analyze code; ask the publisher for the complete scripts and any network endpoints the scripts call so you can validate them.
- If you proceed, prefer running everything in an isolated environment (container or VM) and avoid using production credentials until you are sure of the code's behavior.
