Skill v1.0.4
ClawScan security
TikTok Page · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 1, 2026, 8:52 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are internally consistent with a TikTok API manager: it uses PowerShell, reads a local credentials file, and calls only open.tiktokapis.com as documented.
- Guidance: This skill appears coherent and limited to TikTok API operations, but before installing: (1) confirm you trust the skill owner, since it will read OAuth tokens from ~/.config/tiktok-page/credentials.json; (2) store tokens and the Client Secret securely and follow the recommended file-permission changes; (3) grant the app only the minimum TikTok scopes needed; (4) rotate secrets immediately if the host is compromised; and (5) be aware the agent can invoke the skill autonomously by default — limit access to sensitive hosts/accounts if you're unsure.
Review Dimensions
- Purpose & Capability (ok): Name/description (TikTok manager) match the runtime instructions: all examples use PowerShell to call TikTok endpoints and require OAuth credentials stored at ~/.config/tiktok-page/credentials.json. Requesting PowerShell/pwsh is proportionate.
- Instruction Scope (ok): SKILL.md only instructs reading the declared credentials file, refreshing tokens, and calling open.tiktokapis.com endpoints. It does not reference other system files, unrelated env vars, or external endpoints. It explicitly advises restricting file permissions and not forwarding secrets.
- Install Mechanism (ok): This is instruction-only (no install spec, no downloads, no code files). That minimizes disk execution risk and is appropriate for the described purpose.
- Credentials (ok): No extra environment variables are required; the skill expects a single credentials JSON file with the OAuth tokens and client keys/secrets. Requesting those fields is proportionate for a TikTok API client. Note: TIKTOK_CLIENT_SECRET and refresh tokens are sensitive, and the docs correctly call that out.
- Persistence & Privilege (ok): The "always" flag is false, and the skill does not request persistent or elevated agent-wide privileges or modify other skills. Autonomous invocation is allowed by default (not flagged on its own), and the skill's behavior is limited to its stated scope.
