Skill v1.0.0
ClawScan security
Douyin Video Fetch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 17, 2026, 7:13 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code matches its stated purpose (downloading Douyin videos) but the package omits dependency and install details and executes a headless browser (running remote JS) without making those requirements explicit — review and run in isolation before use.
- Guidance: This skill appears to do what it claims (download Douyin videos) but you should not install/run it blindly. Before using:
  1. Inspect the full script to ensure there are no hidden network sinks or data exfiltration paths (the provided file was truncated in the review).
  2. Install and run in an isolated environment (sandbox or container) because it launches a headless browser and executes page JS.
  3. Ensure required dependencies are installed (Python, playwright, aiohttp) and run 'playwright install' to get browser binaries.
  4. Consider legal/ToS implications of scraping/downloading content.
  If you want higher confidence, request the full unobfuscated source and an explicit dependency/install instruction from the publisher.
Review Dimensions
- Purpose & Capability (note): Name/description (download Douyin videos) align with the included script, which uses Playwright and aiohttp to load pages, intercept network responses, extract media URLs, and save MP4s. However, the skill metadata claims no required binaries/env but the code requires Python packages (playwright, aiohttp) and a browser runtime — this mismatch is notable.
- Instruction Scope (note): SKILL.md simply tells the agent to run the script with a URL/video_id or file; it does not request unrelated files or secrets. The script loads Douyin pages in a headless browser and executes/collects in-page JS/data (via page.evaluate and response interception), which means it will run remote site JavaScript in the agent environment — expected for scraping but a potential risk if you haven't reviewed the code fully.
- Install Mechanism (concern): There is no install spec. The script depends on Playwright (and its browser binaries) and aiohttp, but these are not declared. Playwright typically requires installing browser engines (or calling 'playwright install'); omission of installation/dependency guidance is an operational and security concern because users may run the script in environments without those safeguards or isolation.
- Credentials (ok): The skill declares no environment variables or credentials and the code does not appear to request unrelated secrets. Network access is required (to fetch pages/media) but that is proportional to the stated purpose.
- Persistence & Privilege (ok): The registry flags show always=false and the skill does not attempt to modify agent/global configuration. It runs on-demand and does not request persistent elevated privileges.
