ClawHub

无水印抖音视频下载器

Security checks across malware telemetry and agentic risk

Overview

The skill does the advertised video download task, but it quietly sends each Douyin link to an undeclared third-party resolver before downloading the file.

Review before installing. Only use this skill if you are comfortable sending Douyin share links to the lvhomeproxy2.dpdns.org resolver and saving files returned through that workflow to your Desktop. Prefer a version that clearly documents the resolver, asks for consent, validates returned download URLs, checks file type and size, and lets you choose the output folder.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill declares no permissions even though its functionality necessarily involves network access to resolve and fetch shared video links. Undeclared network capability is dangerous because it prevents users and reviewers from understanding what external communication occurs, reducing transparency and informed consent. In this skill's context, the risk is elevated by the related indication that URLs may be sent to an external parsing service.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
This is a true vulnerability because the skill claims to only download Douyin videos locally, but the analyzed behavior indicates it sends user-provided URLs to an unrelated third-party domain for parsing. That creates an undisclosed data exfiltration path and expands trust to infrastructure outside Douyin, while the broader domain validation suggests the implementation accepts inputs beyond the stated scope, increasing attack surface and the chance of misuse or unexpected processing.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The script sends a user-supplied Douyin share URL to an unrelated third-party service at lvhomeproxy2.dpdns.org to resolve the real media URL. This exposes user activity and potentially identifying link metadata to an external operator without validation, trust guarantees, or user consent, creating a privacy and supply-chain risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The code transmits the user's share URL to a third-party API silently, with no notice in the CLI output or description that this external disclosure occurs. In this skill context, users expect a downloader, not hidden sharing of the target URL with another domain, so the lack of transparency makes the privacy issue more serious.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal