TikTok Content Creation Compliance

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only TikTok Shop content compliance reviewer with no hidden code, credential use, persistence, or unrelated data access found.

Install only if you want an agent to review TikTok Shop promotional content you provide. Avoid sharing private or sensitive media unnecessarily, and verify live TikTok Shop policy pages for current, market-specific rules before acting on compliance-sensitive advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 93% confidence
Finding: SQP-3 applies to all file types and covers natural-language locale policy violations. Line L278 states that US-market creator videos and LIVEs were directed to use English, Spanish, or Arabic, which imposes a language constraint without offering user choice or explaining why the skill itself must enforce that restriction.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal