Douyin

Security checks across malware telemetry and agentic risk

Overview

This Douyin uploader mostly does what it says, but it silently grants Douyin pages broad browser permissions that are not needed or clearly disclosed for video upload.

Review before installing. Use this only on a machine and Douyin account where local session-cookie storage and automated posting are acceptable. Prefer --no-publish when you want a draft, run the clear command when finished, and be aware that the current code grants Douyin pages access to sensitive browser permissions such as location, clipboard, camera, and microphone during visible browser sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The skill’s documentation claims a narrow purpose of login/upload/session management, but the behavior described by static analysis includes granting broad browser permissions, handling SMS verification flows, and clearing browser profile data. That mismatch is security-relevant because users may consent to a simple uploader without realizing it can expand site privileges and manipulate sensitive authentication state and local browser data.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The browser is configured to automatically grant broad permissions including geolocation, notifications, camera, microphone, and clipboard access for Douyin domains, even though basic login and video upload do not require most of them. If the site, a malicious script, or an unexpected page flow is abused, the skill could expose sensitive device capabilities and clipboard contents without meaningful user awareness or consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill writes authenticated Douyin cookies to a local JSON file in plaintext, creating a reusable session artifact on disk. Anyone or any process with filesystem access could steal these cookies and hijack the user's logged-in session, especially because the skill is specifically intended to manage account login state across runs.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill silently grants powerful browser permissions without warning, including camera, microphone, clipboard, notifications, and geolocation. In the context of an automation tool, this materially increases risk because a compromised page or unexpected site content could access sensitive device resources that are unrelated to uploading a video.

VirusTotal

66/66 vendors flagged this skill as clean.
