Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tiktok-downloader
v1.0.0
Download TikTok videos by URL or hashtag. Handles 403 errors, cookies, and user-agent rotation. Use for downloading TikTok videos, batch downloading from a l...
⭐ 0 · 74 · 0 current · 0 all-time
by @kgc-yj
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The skill's stated purpose (download TikTok videos, handle 403s via cookies and UA rotation) aligns with the included script, but the package declares no required binaries or config paths while the SKILL.md and script explicitly require yt-dlp, a browser, and a specific cookie directory (/home/ubuntu/.browser_data_dir). Those are legitimate needs for this purpose but should have been declared; the hardcoded absolute path and lack of declared requirements are inconsistent.
Instruction Scope
Runtime instructions tell the agent to navigate with the browser tool to create/refresh cookies and then to extract cookies from /home/ubuntu/.browser_data_dir. That directs the agent to read local browser data (sensitive), and the instructions give the agent discretion to log in via the browser — both actions go beyond a simple downloader and increase exposure of credentials/session tokens. The instructions also assume presence of yt-dlp and a Chromium browser without declaring them.
Install Mechanism
There is no install spec (instruction-only plus a small shell script). No external downloads or archive extraction are performed by the skill itself. The included script is short and directly calls yt-dlp; no additional packages are pulled by the skill.
Credentials
The skill requests no environment variables, but it requires access to a browser cookie directory (effectively a form of credential access). That access is sensitive and not declared in requires.config or similar metadata. The skill could read other cookies or session tokens in that directory; this level of filesystem credential access should be explicitly declared and minimized.
Persistence & Privilege
The skill is not always-enabled and does not request elevated/persistent privileges. It does not attempt to modify other skills or system-wide configs.
What to consider before installing
This skill appears to do what it says, but it asks the agent to read your browser cookie directory (a sensitive source of session tokens) and assumes yt-dlp and a Chromium profile exist even though those are not declared. Before installing:
1) Inspect the script yourself (it's short) to confirm no network exfiltration — the included script does not POST to external endpoints.
2) Avoid giving it unrestricted access to your real browser profile; instead create a dedicated browser profile with only TikTok cookies or run in an isolated/VM environment.
3) Ensure yt-dlp is installed from a trusted source if you intend to use the skill.
4) Ask the publisher to declare required binaries and the config path in metadata, or remove hardcoded absolute paths so you can control which cookie store is used.

Like a lobster shell, security has layers — review code before you run it.

Latest version: vk97f8f3n58bw7xrxn4wc7cd89983ewwt
