B 站内容创作分发助手
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a plausible Bilibili upload helper, but it automatically downloads and runs unpinned third-party code and binaries from multiple sources while using stored Bilibili login state.
Install only if you are comfortable with the agent downloading and running social-auto-upload and biliup at runtime. Prefer a pinned, reviewed version, approve the exact upload command before publishing, and treat the generated Bilibili account files as sensitive login material.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
2/66 vendors flagged this skill as malicious, and 64/66 flagged it as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the upstream project, a mirror, or dependency resolution changes or is compromised, the agent could install and run different code on the user's machine.
The default workflow clones an unpinned remote project, falls back to third-party mirrors/proxies, and installs dependencies at runtime; the artifact does not provide a pinned commit, hash verification, or an install spec covering this.
git clone https://github.com/dreammis/social-auto-upload.git ...; git clone https://gitee.com/lonycn/social-auto-upload.git <SAU_HOME>; ... gh-proxy.org / gh-proxy.com / hub.gitmirror.com ...; uv sync --python 3.12
Pin a reviewed commit or release, verify hashes, prefer the official source, declare the runtime install requirements in metadata/install specs, and ask before using mirror/proxy sources.
Using the skill can execute newly downloaded third-party code and a binary under the user's account before the user has reviewed that code.
After cloning the remote repository, the skill directs the agent to execute its Python CLI, and the upload path can automatically download an additional binary.
所有调用都用 `uv run --project <SAU_HOME> python sau_cli.py bilibili ...`; `python sau_cli.py bilibili upload-video` 第一次执行时,SAU 会自动下载 `biliup` 二进制
Make downloaded code execution explicit to the user, pin and verify the `biliup` binary, and avoid automatic execution until the user approves the source and version.
A mistaken file, title, category, schedule, or account name could publish the wrong content to Bilibili.
The documented command can upload or schedule public Bilibili content. This is purpose-aligned, but it is a high-impact account action.
python sau_cli.py bilibili upload-video --account <account> --file <video-path> --title "<title>" --desc "<desc>" --tid <category-id> [--tags tag1,tag2] [--schedule "YYYY-MM-DD HH:MM"]
Before running upload commands, confirm the account, video file, title, description, tags, category, and schedule with the user.
Anyone or any code that can use the stored account file may be able to check or upload using the corresponding Bilibili account.
The skill relies on a locally stored Bilibili login state/account file. That is expected for this integration, but it gives the local tool authority to act as that account.
`python sau_cli.py bilibili login --account <name>` ... 用户扫码登录 ... 完成后账号信息保存到本地文件
Use a dedicated account name, keep the account file private, do not share login artifacts, and revoke or refresh the login state if the machine or tool directory is not trusted.