TikTok Creator Pipeline

This skill appears to do what it says (download videos, extract audio, and transcribe using TikHub + Whisper) but check the following before installing or running it: - API key handling: The code requires a TikHub API key but the registry metadata doesn't declare it; only supply the key if you trust TikHub and understand that calls will be made to api.tikhub.io / api.tikhub.dev and will be billed for paid endpoints. - Background jobs & files: The skill writes downloaded media and transcript files to disk and may launch background nohup processes that log to /tmp — be prepared to manage/remove these files and processes. - Unsafe shell invocation: The whisper_transcribe implementation uses a shell command (nohup via shell=True). If you run this on untrusted inputs or pass filenames that you don't control, there is a command-injection risk. Consider reviewing/patching the code to avoid shell=True and to safely quote/sanitize paths. - requirements/install: requirements.txt incorrectly lists 'ffmpeg' (not a pip package); SKILL.md suggests brew install ffmpeg. Ensure dependencies are installed from appropriate sources and review pip packages (requests, openai-whisper, mlx-whisper). - Privacy and legality: The skill downloads and transcribes content from third-party platforms; confirm you have the right to download/transcribe content and that using TikHub's paid endpoints complies with their terms. If you are comfortable with these trade-offs and can review or sandbox the code (remove shell=True, run in an isolated environment, confirm API key storage/use), the skill is usable; otherwise treat it as risky and avoid installing on sensitive systems.