Security audit

Douyin Clean

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Douyin publishing tool, but it should be reviewed because it controls a logged-in creator account and can discard an existing draft without clear user confirmation.

Install only if you are comfortable giving the script control of a logged-in Douyin creator account. Use an isolated workspace or account, check for drafts before running because one may be abandoned automatically, protect or delete chrome_profile and screenshots when finished, and avoid running it on shared machines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def _stop_chrome():
    """Close Chrome"""
    try:
        subprocess.run(["pkill", "-f", "chrome.*9222"], timeout=5,
                       capture_output=True)
    except:
        pass
Confidence
80% confidence
Finding
subprocess.run(["pkill", "-f", "chrome.*9222"], timeout=5, capture_output=True)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill describes automation that uses browser control, local profile storage, file access, shell commands, and network interaction, but it declares no permissions to inform users or enforcement systems about those capabilities. This is dangerous because the skill can access local files, persist authentication state in chrome_profile/, and interact with external services without an explicit permission model, reducing transparency and increasing the chance of misuse or over-privileged execution.

VirusTotal

59/59 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.