Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Toutiao Mcp
v0.1.0通过 MCP 协议操作今日头条平台,支持内容发布、账号管理等功能
⭐ 0· 94·0 current·0 all-time
byPING SI@sipingme
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description state it operates 今日头条 via MCP and the SKILL.md consistently describes an MCP Server (toutiao-mcp) that provides account management and publishing tools. The required browser automation (Playwright/Chromium) and Node.js >=18 are coherent with the stated functionality.
Instruction Scope
Instructions tell the agent to run an external MCP server which will open a browser for interactive login, save cookies to a local COOKIES_FILE, accept image file paths and download directories, and download images from URLs for batch publishing. Those actions are expected for a publishing automation skill, but they involve handling sensitive session cookies and reading/saving local files — so scope is broader than a pure 'API only' integration and merits caution.
Install Mechanism
The skill is instruction-only (no install spec), but the runtime doc tells users to globally install an npm package 'toutiao-mcp' and to run it. Installing and running an external npm package that controls a browser is a moderate supply‑chain risk: the package could access cookies, local files, or network endpoints. The SKILL.md points to a GitHub repo which helps auditability, but the package itself (and any transitive npm dependencies) must be reviewed before trusting.
Credentials
The registry metadata lists no required env vars, yet the SKILL.md expects configuration of PLAYWRIGHT_HEADLESS, COOKIES_FILE, DATA_DIR, LOG_LEVEL, etc. Those env vars are not secrets per se, but COOKIES_FILE will contain session tokens (sensitive). The skill requires access to local file paths (images, downloads) and browser session state — reasonable for the task but high‑sensitivity items. Because the MCP server runs separately, it will have access to those files/cookies; the skill does not declare this exposure in registry fields.
Persistence & Privilege
The skill does not request always: true and does not modify other skill configs. It instructs adding an MCP server to OpenClaw config (normal for MCP skills). No evidence the skill attempts to alter other skills or system‑wide settings.
Scan Findings in Context
[no-findings] expected: The regex scanner found nothing to analyze because this is an instruction-only skill (no code files). Absence of findings is expected but not proof of safety — the runtime installs/third-party package are the primary risk surface.
What to consider before installing
This skill delegates real work to a third‑party npm MCP server (toutiao-mcp) that will run browser automation, store session cookies locally, and read/write image and data files. Before installing or running it: 1) Review the referenced GitHub repo and the npm package code (and recent release history) to confirm it doesn't exfiltrate data or phone home to unfamiliar endpoints. 2) Treat the COOKIES_FILE as sensitive — set its path to a directory with tight permissions and avoid using high-value accounts during testing. 3) Run the MCP server in an isolated environment (container or VM) if you cannot fully audit dependencies. 4) Prefer installing from the official GitHub/npm package (not a random URL); check package integrity and recent issues. 5) Note the SKILL.md references env vars (PLAYWRIGHT_HEADLESS, COOKIES_FILE, DATA_DIR) even though the registry lists none — ensure you configure those securely. 6) Monitor network activity while testing (to detect unexpected uploads). If you cannot review the third‑party code or run it in isolation, consider this skill risky for accounts or data you care about.Like a lobster shell, security has layers — review code before you run it.
latestvk975583ckmqt7q5zahckg4yf4h839fs1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.