Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tiktok-android-720p
v1.0.0: Automates TikTok interactions with ADB. Supports AI-generated comments (vision analysis via Claude/GPT-4/OpenRouter), topic search, commenting, liking, favoriting videos, and publishing content. No web scraping, no CAPTCHA; intelligent UI recognition for a 100% success rate.
⭐ 0 · 38 · 0 current · 0 all-time
by @molin-g
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The code and SKILL.md match the stated purpose (ADB-driven TikTok automation: searching, commenting, liking, publishing). However, the registry metadata claims 'required env vars: none' and 'required binaries: none', while the skill clearly requires adb on PATH and, if AI comment mode is used, API keys (ANTHROPIC_API_KEY / OPENAI_API_KEY / OPENROUTER_API_KEY). That mismatch between the manifest and the code should have been declared by the publisher.
Instruction Scope
Runtime instructions and code include actions beyond simple UI taps: deleting device media (rm -f /sdcard/DCIM/Camera/*.mp4), taking screenshots, encoding images and sending them to external AI APIs, downloading videos from URLs, and writing config/.env files. Deleting files on the connected Android device is destructive; the 'publish' workflow gives it a plausible justification, but it remains a high-impact action that should be clearly disclosed and confirmed by the user before it runs. The setup wizard prompts for API keys and persists them to .env.
Install Mechanism
This is an instruction-and-code bundle with no remote install/download steps in the manifest (no external installers or archive downloads); all code runs locally. That lowers supply-chain install risk, but running arbitrary code from an untrusted source still requires caution.
Credentials
Requested environment access is broadly proportional to the features (AI provider keys for AI comments, an optional ANDROID_DEVICE_ID). But the registry declares no required env vars, while the code expects ANTHROPIC_API_KEY / OPENAI_API_KEY / OPENROUTER_API_KEY when AI mode is selected. The setup wizard writes API keys into a local .env file in cleartext, which is a secret-management concern. No unrelated cloud credentials (AWS, etc.) are requested, which is good.
Persistence & Privilege
The skill is not configured 'always: true' and does not request system-wide privileges. It will create or overwrite files in the working directory (config.py, .env, .bot_settings.json) and performs destructive actions on the connected Android device (removes files from /sdcard/DCIM/Camera/). Those are expected for a publish workflow but are high-impact and must be approved by the user.
What to consider before installing
This package implements an ADB-based TikTok bot that does what it says, but there are some red flags you should review before installing and running it:
- Metadata mismatch: The registry claims no required env vars or binaries, but the skill needs adb on PATH and will ask for AI API keys if you enable AI comments. Treat the registry metadata as incomplete and rely on the README/SKILL.md and code.
- Secrets handling: The interactive setup writes API keys into a local .env file in cleartext. If you supply API keys, consider using a secure secret store or removing keys after use. Inspect setup.py to see where it writes keys.
- Destructive device actions: The publish workflow runs rm -f /sdcard/DCIM/Camera/*.mp4 on the connected Android device. Backup any important media on the device before running the tool and/or remove the publish/cleanup steps if you don't want deletion.
- Hardcoded / absolute paths: Example scripts (run_complete_session.py, run_full_campaign.py) insert an absolute user path into sys.path (/Users/...), which looks like leftover development configuration. Review and remove or adjust those lines before running.
- External network calls: If you enable AI mode, the skill will encode screenshots and send them to external AI endpoints (Anthropic/OpenAI/OpenRouter). This will leak screenshots/content to those services and may incur costs. Audit ai_comments.py to confirm providers and endpoints.
- Running untrusted code: There is no remote install step, but these are executable Python scripts from an unknown source. If you decide to run it, do so in an isolated environment (non-production machine, container, VM) and inspect/modify the code (especially lines that delete files or call subprocess) to enforce safety.
- Legal/ToS risk: Automated commenting/interaction on TikTok may violate platform terms of service and can lead to account action. Use conservative rates and avoid abusive/spammy behavior.
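The points above all reduce to one habit: read the bundle for the risky lines before running it. The script below is an added example (not part of the ClawHub scan and not code from the tiktok-android-720p skill) that automates that first pass. It walks a skill directory and flags the patterns the scan calls out: adb deletions under /sdcard, subprocess use, cleartext .env writes, absolute sys.path entries, and URLs for the Anthropic/OpenAI/OpenRouter APIs. The rule list, severity labels and the sample files built in build_sample_skill() are this example's own constructions that mirror the findings; they are not the skill's actual file contents.

```python
"""Pre-install triage of a downloaded skill bundle (added example)."""
from __future__ import annotations

import os
import re
import tempfile
from dataclasses import dataclass
from pathlib import Path

# Rules are (identifier, severity, regex). Severities are this example's
# own labels for triage ordering, not a verdict from any scanner.
RULES = [
    # adb-driven deletion of device media, e.g. rm -f /sdcard/DCIM/Camera/*.mp4
    ("device-delete", "high", re.compile(r"\brm\s+-r?f\b.*/sdcard/")),
    # any shell-out; each one needs to be read, not just the adb ones
    ("subprocess", "medium",
     re.compile(r"\bsubprocess\.(run|Popen|call|check_output)\s*\(")),
    # opening .env for writing is where cleartext keys end up on disk
    ("env-write", "medium",
     re.compile(r"open\(\s*['\"]\.env['\"]\s*,\s*['\"][wa]")),
    # absolute developer paths left in sys.path manipulation
    ("abs-sys-path", "low",
     re.compile(r"sys\.path\.(insert|append)\(.*['\"]/(Users|home)/")),
    # outbound calls to the AI providers the skill can send screenshots to
    ("external-api", "medium",
     re.compile(r"https?://[\w.-]*(anthropic|openai|openrouter)\.")),
]

SCAN_SUFFIXES = {".py", ".sh", ".md"}


@dataclass(frozen=True)
class Finding:
    rule: str
    severity: str
    path: str      # relative to the bundle root
    line_no: int
    text: str


def scan_file(path: Path, root: Path) -> list[Finding]:
    """Return every rule hit in one file, in line order then rule order."""
    try:
        lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
    except OSError:
        return []
    findings = []
    for no, line in enumerate(lines, start=1):
        for rule, severity, rx in RULES:
            if rx.search(line):
                findings.append(Finding(rule, severity,
                                        str(path.relative_to(root)), no, line.strip()))
    return findings


def scan_skill(root: str | os.PathLike) -> list[Finding]:
    """Scan all code and instruction files under a bundle directory."""
    root = Path(root)
    findings = []
    for p in sorted(root.rglob("*")):
        if p.is_file() and p.suffix in SCAN_SUFFIXES:
            findings.extend(scan_file(p, root))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count hits per rule so the reviewer sees the shape of the bundle at a glance."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.rule] = counts.get(f.rule, 0) + 1
    return counts


def build_sample_skill(dirpath: Path) -> None:
    """Constructed sample files that mirror the scan's findings (not the real skill)."""
    (dirpath / "setup.py").write_text(
        'key = input("ANTHROPIC_API_KEY: ")\n'
        'with open(".env", "w") as fh:\n'
        '    fh.write(f"ANTHROPIC_API_KEY={key}\\n")\n')
    (dirpath / "publish.py").write_text(
        'import subprocess\n'
        'subprocess.run(["adb", "shell", "rm -f /sdcard/DCIM/Camera/*.mp4"])\n')
    (dirpath / "run_full_campaign.py").write_text(
        'import sys\n'
        'sys.path.insert(0, "/Users/example/skill")  # constructed placeholder path\n')
    (dirpath / "ai_comments.py").write_text(
        'ENDPOINT = "https://api.anthropic.com/v1/messages"\n')


def demo() -> list[Finding]:
    """Build the constructed bundle in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_skill(Path(tmp))
        return scan_skill(tmp)


if __name__ == "__main__":
    for f in demo():
        print(f"[{f.severity:6}] {f.rule:14} {f.path}:{f.line_no}: {f.text}")
```

Point scan_skill() at the unzipped bundle instead of the temp directory to review a real download. The output is a reading list, not a verdict: a hit on device-delete or env-write tells you which line to open and decide whether to keep, confirm, or remove before the first run.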
latest: vk976wmzm57dmygb33qdw9v0f0n84vv9b
