TikTok Live Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill mostly does what it claims, but unsafe shell command handling can let crafted input run local commands on the user's machine.

Install only if you are comfortable reviewing or patching the command execution paths first. Until fixed, run it only with trusted TikTok handles and fixed quality values, preferably in an isolated environment, and confirm any local recording, temporary logs, and debug screenshots are acceptable for your privacy and storage needs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 85% confidence
Finding: The skill advertises automatic recording to disk and notification integration, but the analyzed content does not substantiate those behaviors. This kind of description-behavior mismatch is dangerous because users and reviewers may make security and privacy decisions based on inaccurate claims, which can hide undeclared capabilities later or lead to unsafe deployment assumptions.

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The code builds shell command strings with untrusted CLI input (`username`, `quality`) and passes them to `child_process.exec`, which invokes a shell. Although the script path is quoted, the user-controlled arguments are not, so crafted input can trigger command injection and execute arbitrary commands on the host. In this skill context, the fallback chain makes this more dangerous because a stream lookup tool unexpectedly gains general command-execution capability beyond the declared browser/network-monitoring purpose.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly promotes automatic recording to disk without warning users that content will be stored locally. In the context of monitoring and capturing live streams, undisclosed local recording creates privacy, compliance, and storage-risk concerns because users may unknowingly retain third-party media or sensitive data on disk.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal