Larry

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent TikTok marketing automation skill, but it needs review because it asks for broad social/revenue account access, suggests dashboard scraping and anti-bot warmup behavior, and persists sensitive conversion data locally.

Install only if you are comfortable giving an agent access to social posting tools and business analytics. Before use, inspect the omitted posting/onboarding scripts, create least-privilege API keys, store config files outside version control, avoid dashboard scraping unless explicitly approved, keep posts in draft/review mode, and make sure any cron job is documented and easy to remove.

Static analysis

Exposed secret literal

Severity: Critical

Finding

File appears to expose a hardcoded API secret or token.

VirusTotal

64/64 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If granted, the agent or scripts may be able to access sensitive RevenueCat business/customer data beyond simple marketing performance totals.

Why it was flagged

The skill asks for a broad RevenueCat secret key for optional conversion tracking. That can expose subscriber, purchase, and revenue data, and the artifacts do not provide least-privilege or storage-boundary guidance.

Skill content

Get the **V1 Secret API Key** from RevenueCat Dashboard → Project Settings → API Keys. Use the **secret** key (sk_), NOT the public key.

Recommendation

Use the narrowest read-only key available, store it outside any synced or committed project files, and avoid enabling RevenueCat product/offering control unless it is explicitly needed.

What this means

Local files may contain sensitive transaction, revenue, or customer-related data that could be accidentally shared, indexed, or committed.

Why it was flagged

The daily report fetches RevenueCat transactions and persists the returned metrics/transactions to a local snapshot file without retention, redaction, or file-permission controls.

Skill content

const txRes = await fetch(`${RC_URL}/projects/${config.revenuecat.projectId}/transactions?start_from=${startDate.toISOString()}&limit=100`, ...); ... fs.writeFileSync(rcSnapshotPath, JSON.stringify({ date: dateStr, ...rcMetrics }, null, 2));

Recommendation

Redact individual transaction/customer fields where possible, add the output directory to .gitignore, set restrictive file permissions, and define a retention/cleanup policy.

What this means

The agent could browse a sensitive business dashboard and collect more account/customer information than the user intended.

Why it was flagged

The skill suggests using browser automation against a logged-in RevenueCat dashboard, but does not define session boundaries, explicit approval steps, or limits on what dashboard data may be accessed.

Skill content

RevenueCat doesn't expose dashboard overview via API. Use the V1 subscriber endpoint to track individual conversions, or scrape the dashboard via browser automation.

Recommendation

Prefer official APIs, webhooks, or manual inputs. If browser access is unavoidable, require explicit approval for each session and restrict it to read-only, task-specific pages.

What this means

Users may be led into behavior that risks platform-policy violations, account throttling, or account penalties.

Why it was flagged

The onboarding advice explicitly frames account warmup as a way to avoid bot classification before automated AI slideshow posting.

Skill content

If it's new, we need to warm it up first. TikTok's algorithm watches how new accounts behave, and if you go straight from creating an account to posting AI slideshows, it flags you as a bot ... Like sparingly ... Don't like everything — that's bot behaviour.

Recommendation

Use only platform-compliant marketing workflows, avoid trying to mimic human behavior to evade detection, and review TikTok/Postiz rules before enabling automation.

What this means

Incorrect configuration or insufficient review could publish unwanted marketing content or cross-post it to multiple accounts.

Why it was flagged

Posting and cross-posting are central to the skill, but they are high-impact actions on public social accounts.

Skill content

TikTok posting (Postiz API), cross-posting to Instagram/YouTube/Threads, analytics tracking

Recommendation

Keep posting in draft/review mode where possible, verify each connected Postiz integration, and require approval before public publishing or cross-posting.

What this means

The automation may keep querying services and writing reports after the user forgets it is installed.

Why it was flagged

The documented cron job creates persistent scheduled execution that continues to use configured API credentials until removed.

Skill content

Set up a cron job to run every morning before the first post (e.g. 7:00 AM user's timezone): Task: node scripts/daily-report.js --config tiktok-marketing/config.json --days 3

Recommendation

Create the scheduled job manually, document how to disable it, and periodically rotate or revoke API keys if the job is no longer needed.

What this means

The agent may propose package-manager or build-tool changes that affect the local system.

Why it was flagged

The setup path delegates OS/package-manager research and dependency installation to the agent, including a native npm module, without pinned versions in an install spec.

Skill content

Your AI agent will need to research and install the following based on your setup ... Node.js ... install it if not ... node-canvas (`npm install canvas`)

Recommendation

Approve dependency installation explicitly, pin versions where possible, and run setup in a dedicated project or container.