抖音七日点赞飙升榜

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Douyin ranking lookup client that uses a RedFox API key, with subscription wording that users should treat cautiously because the artifacts do not define storage or unsubscribe details.

Install only if you are comfortable providing a RedFox API key and sending ranking query parameters to redfox.hk. Treat any subscription or daily push request as something that should require explicit confirmation, and look for host-platform controls for cancellation, stored preferences, and API key revocation before enabling recurring updates.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 92% confidence
Finding: The interaction guide introduces a subscription/scheduled push feature that is outside the skill's declared scope of leaderboard lookup and historical query. Scope expansion like this can create unauthorized data retention, background actions, or notification workflows that were not reviewed as part of the published capability set, increasing abuse and privacy risk.

Context-Inappropriate Capability

Medium

Confidence: 89% confidence
Finding: The document claims support for subscribing to category-specific scheduled pushes at user-selected times without explaining why persistent messaging is necessary for a simple ranking query tool. This creates a risk of unreviewed recurring engagement behavior, unexpected outbound notifications, and collection of user preferences or scheduling data beyond the minimum needed for the stated use case.

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The README instructs users to invoke the skill with unrestricted natural-language requests ('Simply describe what you need in natural language'), but it does not define clear guardrails, disambiguation rules, or exclusion conditions. In agent ecosystems that auto-route based on semantic similarity, this can cause accidental invocation on loosely related queries, leading to unintended external API calls, data retrieval, or subscriptions without strong user intent.

Vague Triggers

Low

Confidence: 91% confidence
Finding: The sample trigger phrases are broad ('How's Fitness trending this week?', 'Subscribe me to daily 7-day Food surge rankings') and do not specify negative constraints or confirmation requirements. This increases the chance that conversational or ambiguous user text will be interpreted as a command, especially for subscription behavior, causing unintended skill activation or unwanted persistent actions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal