Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Keyapi Tiktok Shop Creator Discovery
v1.0.0
Discover and analyze TikTok Shop creators — identify top-performing commerce sellers, evaluate GMV and sales metrics, understand audience demographics, and t...
by @lycici
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw: Benign (high confidence)
Purpose & Capability
Name and description describe a KeyAPI MCP client for TikTok Shop analysis. The only required binary is node and the only required env var is KEYAPI_TOKEN — both are appropriate and proportional for calling KeyAPI MCP tools. Declared dependency (@modelcontextprotocol/sdk) aligns with the stated MCP client usage.
Instruction Scope
SKILL.md and scripts/run.js instruct the agent to call KeyAPI MCP endpoints, inspect tool schemas, and cache responses locally. The runtime also loads a .env file and can prompt-and-save KEYAPI_TOKEN to a .env file in the skill directory. These behaviors are coherent with the skill's purpose but introduce persistent storage of credentials and cached API responses (which may include sensitive or PII-containing analytics).
Install Mechanism
There is no download-from-URL install; package.json declares a single npm dependency (@modelcontextprotocol/sdk). SKILL.md asks the user to run npm install, which is standard. No suspicious external download hosts or extract operations are present.
Credentials
Only KEYAPI_TOKEN (primary credential) is required. No unrelated secrets or additional credentials are requested. The script also supports an optional KEYAPI_SERVER_URL override (documented), which is reasonable but means a maliciously set env var could redirect requests — this is a configuration risk rather than an incoherence.
Persistence & Privilege
The skill persists data locally: it writes the provided KEYAPI_TOKEN to a .env file and stores API responses in a cache directory (default .keyapi-cache). It does not request an 'always' privilege nor modify other skills. Persisting credentials and responses is expected for a CLI client but raises the usual local-data exposure risks (token leakage, accidental commits).
Assessment
This skill appears to be what it says: a KeyAPI MCP client for TikTok Shop creator analytics. Before installing, consider:
1) The tool will persist your KEYAPI_TOKEN in a .env file in the skill directory if you use the interactive prompt — avoid committing that file to source control and rotate the token if it is accidentally exposed.
2) API responses are cached under .keyapi-cache and may contain sensitive analytics/PII — inspect or clear caches before sharing the project.
3) The server URL can be overridden with KEYAPI_SERVER_URL; ensure this is not set to an untrusted host.
4) npm install will fetch @modelcontextprotocol/sdk from the public registry — only run installs in a trusted environment.
If you are uncomfortable with local persistence of credentials/responses, run the tool with KEYAPI_TOKEN set in a process environment and remove or protect .env/.keyapi-cache after use.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/run.js:52: Environment variable access combined with network send.
scripts/run.js:37: File read combined with network send (possible exfiltration).
Runtime requirements
🛍️ Clawdis
Bins: node
Env: KEYAPI_TOKEN
Primary env: KEYAPI_TOKEN
