zc-douyin-xiazai-txt

Security checks across malware telemetry and agentic risk

Overview

This is a transparently documented Douyin downloader and transcript tool: it runs local media tools (ffmpeg, Whisper) and writes local outputs, with no evidence of hidden persistence, credential theft, or exfiltration.

Install only if you want a local Douyin downloader and transcript generator. Use trusted ffmpeg and Whisper binaries, feed it only Douyin links or numeric video IDs, choose the output directory deliberately, and review or delete downloaded media and transcripts once they are no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly documents shell-capable behavior (it invokes Node.js, ffmpeg, and Whisper), yet it declares no corresponding permission or execution capability. This is a transparency and policy gap: users or orchestration layers may not realise the skill can execute local commands and read and write local files, which increases the risk of unsafe invocation or insufficient sandboxing.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The redirect-handling logic claims to obtain the final redirected URL, but it returns the original request URL instead. In this skill, that means the video ID is extracted from the short share URL rather than from the destination it redirects to, which can break ID extraction for Douyin share links and cause the tool to fetch or process the wrong resource, undermining reliability and trust in downstream download/transcription behavior.
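The defect this finding describes, shown beside a corrected resolver. This is an added example written for this report, not the skill's own code. It assumes the share-link host v.douyin.com, the destination host www.iesdouyin.com with a `/video/<id>/` path segment, and the host allowlist; the redirect chain is constructed, and a synchronous stand-in for an HTTP HEAD request is injected so the example runs offline.

```javascript
// Constructed redirect chain standing in for a real server (assumption: a Douyin
// share link on v.douyin.com redirects to a page whose path carries the numeric video ID).
const FAKE_CHAIN = {
  "https://v.douyin.com/abc123/": {
    status: 302,
    location: "https://www.iesdouyin.com/share/video/7000000000000000001/?region=CN",
  },
  "https://www.iesdouyin.com/share/video/7000000000000000001/?region=CN": { status: 200 },
};

// Stand-in for a HEAD request made with redirects disabled: returns the status and
// the Location header, if any. Synchronous so the example runs without a network.
function fakeHead(url) {
  const entry = FAKE_CHAIN[url];
  if (!entry) return { status: 404, location: null };
  return { status: entry.status, location: entry.location || null };
}

// Buggy resolver matching the finding: it walks the redirect chain but discards the
// result and returns the URL it was originally asked for.
function resolveFinalUrlBuggy(url, head = fakeHead) {
  const res = head(url);
  if (res.status >= 300 && res.status < 400 && res.location) {
    resolveFinalUrlBuggy(new URL(res.location, url).href, head); // return value thrown away
  }
  return url;
}

// Corrected resolver: returns the last URL in the chain, bounds the hop count so a
// redirect loop cannot hang the tool, and refuses to leave the expected Douyin hosts
// so a poisoned share link cannot send the downloader to an arbitrary origin.
// The allowlist is an assumption for this example.
const ALLOWED_HOSTS = new Set(["v.douyin.com", "www.douyin.com", "www.iesdouyin.com"]);

function resolveFinalUrl(url, head = fakeHead, maxHops = 5) {
  let current = new URL(url);
  for (let hop = 0; hop <= maxHops; hop++) {
    if (!ALLOWED_HOSTS.has(current.hostname)) {
      throw new Error(`unexpected host: ${current.hostname}`);
    }
    const res = head(current.href);
    if (res.status >= 300 && res.status < 400 && res.location) {
      current = new URL(res.location, current); // relative Location resolves against the current URL
      continue;
    }
    return current.href;
  }
  throw new Error("too many redirects");
}

// Extract the numeric video ID from the resolved URL; a bare numeric ID is accepted
// as-is, matching the overview's note that the tool takes links or numeric IDs.
function extractVideoId(finalUrlOrId) {
  if (/^\d+$/.test(finalUrlOrId)) return finalUrlOrId;
  const m = /\/video\/(\d+)/.exec(new URL(finalUrlOrId).pathname);
  if (!m) throw new Error(`no video ID in URL: ${finalUrlOrId}`);
  return m[1];
}
```

With the buggy resolver, `extractVideoId(resolveFinalUrlBuggy("https://v.douyin.com/abc123/"))` throws because the short link carries no ID; with the corrected one it yields `7000000000000000001`. In real code the injected `head` would be an `await fetch(url, { redirect: "manual" })` call and the resolver would be `async`; the control flow is otherwise the same.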

Missing User Warnings

Low
Confidence
79% confidence
Finding
The skill states that it downloads videos and stores transcripts under local output directories, but the note about persistent local file creation is easy to miss and is not presented as a clear privacy and storage disclosure. Users may therefore unknowingly retain copyrighted media, transcripts, or sensitive spoken content on disk longer than intended.

VirusTotal

63/63 vendors reported this skill as clean.

View on VirusTotal