Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
3232
v1.0.0Manage AI agent skills using the @tiktok-fe/skills CLI (binary: ai-skills). Use when the user asks to find, search, install, add, remove, update, publish, li...
⭐ 0· 98·0 current·0 all-time
bynanki@nanki-nn
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (manage AI agent skills via the ai-skills CLI) aligns with the provided SKILL.md and command documentation. The files describe discovery, install, list, remove, publish, update, etc., which fit the stated purpose.
Instruction Scope
The runtime instructions instruct the agent to invoke the external ai-skills CLI for finding, adding, removing, publishing, and scanning skills. That CLI scans multiple project/global agent directories (e.g., ~/.cursor, .claude, project subfolders) and reads SKILL.md files — which is expected for a skill manager but means the agent will access many local paths. The SKILL.md also advises using non-interactive flags and to run login/publish commands which may read or upload local skill directories.
Install Mechanism
There is no packaged install in the skill bundle; instead the instructions tell agents to run `npm install -g @tiktok-fe/skills` or `npx @tiktok-fe/skills`. That causes remote code to be installed and executed from the npm registry. Even if the package is legitimate, asking an agent to globally install and run a third‑party package increases risk (arbitrary code execution, persistent binary on host).
Credentials
The skill declares no required environment variables or credentials. The text references auth for publishing (browser SSO via `ai-skills login`), and a telemetry env var (DISABLE_TELEMETRY) which is plausible and proportionate for a CLI that interacts with a registry.
Persistence & Privilege
The skill is instruction-only and not marked always:true. It does not request persistent platform privileges or modify other skills' configs in the provided docs. However, the CLI it recommends can write files (install skills to agent directories) and publish to registries if invoked.
What to consider before installing
This skill is coherent with its stated purpose, but exercise caution before letting an agent run it autonomously. Key points to consider:
- Installing and running `@tiktok-fe/skills` via `npm install -g` or `npx` will download and execute third‑party code on the host — review the npm package and its source repository first.
- The CLI scans many project and home directories and can copy/symlink or remove files across agent directories; ensure you trust the tool before granting it filesystem access.
- `ai-skills publish` will read and upload a skill directory to a registry; don't run publish on directories that contain secrets or unrelated proprietary files.
- `ai-skills login` uses SSO and may result in credentials or session tokens being created; understand the registry and its access controls before authenticating from an automated agent.
- If you proceed: run the CLI in a sandboxed environment, prefer `npx` (transient) over global install, audit the package source, and consider disabling telemetry (set DISABLE_TELEMETRY) and avoiding publish operations from agents.Like a lobster shell, security has layers — review code before you run it.
latestvk978mf45fbhj2kyxsxvbdr1ha5833ev6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.