Skill v1.0.1
ClawScan security
Tiktok Publisher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 27, 2026, 2:39 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's behavior matches its stated purpose (publishing to TikTok), but it depends on a third‑party MCP connector link that embeds a high‑privilege token and points at an unknown upstream service; verify the service and the token's scope before using it.
- Guidance
- This skill delegates publishing to a third‑party service reachable via an MCP connector link that embeds a token with publish/manage privileges. Before installing or using:
  1. Verify you trust the Boring service and its domain (confirm ownership, privacy policy, and source code if you need assurance).
  2. Understand that providing the MCP link lets that service create posts and upload media on connected accounts; consider creating or restricting a dedicated account, or limiting which platforms are connected.
  3. Avoid pasting the connector link in public or untrusted places, and be ready to revoke or regenerate the token if needed.
  4. Ask the skill author for provenance (who runs boring.aiagent-me.com) or for a way to restrict the token to only TikTok if you want narrower scope.
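A pre-install hygiene check for the connector link, covering guidance items (1) and (3), as an added example that is not the scanner's or the skill's code. The page does not show the real link format, so the block assumes a constructed one in which the token travels as a query parameter, a URL userinfo component, or an opaque path segment; TRUSTED_HOSTS, TOKEN_KEYS and the token regex are assumptions to adjust. It confirms the host is one you have verified (including catching lookalike subdomains such as boring.aiagent-me.com.evil.example), locates the embedded credential so you know what you are handing over, and produces a redacted copy that is safe to paste into a ticket or chat.

```python
"""Pre-install hygiene check for an MCP connector link that embeds a token.

Added example; not code from ClawHub or the Tiktok Publisher skill. The link
format is constructed (the page does not show the real one): the token is
assumed to travel as a query parameter, as a URL userinfo component, or as an
opaque path segment.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Hosts you have personally verified (ownership, privacy policy, provenance).
# Constructed allowlist; boring.aiagent-me.com is the host named in the guidance.
TRUSTED_HOSTS = {"boring.aiagent-me.com"}

# Query keys that conventionally carry a credential (assumption; extend as needed).
TOKEN_KEYS = {"token", "access_token", "api_key", "apikey", "key", "auth"}

# Heuristic for an opaque credential: a JWT (three base64url parts) or a run of
# 24+ base64url/hex characters. Long ordinary words can false-positive; that
# only costs an extra redaction, never a leak.
TOKEN_VALUE_RE = re.compile(
    r"^(?:[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}|[A-Za-z0-9_-]{24,})$"
)


@dataclass
class LinkReport:
    host: str
    uses_https: bool
    trusted_host: bool
    tokens: list[str] = field(default_factory=list)  # where credentials were found
    redacted: str = ""                               # copy safe to paste anywhere

    def ok_to_use(self) -> bool:
        """Hand the link to an agent only if it is TLS-protected and the host is trusted."""
        return self.uses_https and self.trusted_host


def inspect_connector_link(url: str) -> LinkReport:
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    report = LinkReport(host=host,
                        uses_https=parts.scheme == "https",
                        trusted_host=host in TRUSTED_HOSTS)

    # 1. Credentials in the userinfo part (https://user:secret@host/...).
    #    The redacted netloc is rebuilt from host and port only, dropping userinfo.
    netloc = host + (f":{parts.port}" if parts.port else "")
    if parts.username or parts.password:
        report.tokens.append("userinfo")

    # 2. Token-bearing query parameters, recognised by key name or by value shape.
    query = []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() in TOKEN_KEYS or TOKEN_VALUE_RE.match(value):
            report.tokens.append(f"query:{key}")
            value = "REDACTED"
        query.append((key, value))

    # 3. Opaque token-like path segments, e.g. /mcp/<token>.
    segments = parts.path.split("/")
    for i, seg in enumerate(segments):
        if TOKEN_VALUE_RE.match(seg):
            report.tokens.append(f"path:{i}")
            segments[i] = "REDACTED"

    report.redacted = urlunsplit(
        (parts.scheme, netloc, "/".join(segments), urlencode(query), parts.fragment)
    )
    return report


if __name__ == "__main__":
    # Constructed sample link; the token below is a made-up JWT-shaped string.
    sample = ("https://boring.aiagent-me.com/mcp?token="
              "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6InB1Ymxpc2ggbWFuYWdlIn0.abcdefghijklmnop&v=1")
    r = inspect_connector_link(sample)
    print("ok to use:", r.ok_to_use(), "| credentials at:", r.tokens)
    print("paste this instead:", r.redacted)
```

The report's `tokens` list tells you what the service actually receives, which is the thing to revoke or regenerate if the link is ever exposed; `redacted` is the only form that should leave your machine in a ticket or chat message. A lookalike host fails `trusted_host` because membership is exact, not a suffix match.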
Review Dimensions
- Purpose & Capability
- note: The name and description (publish to TikTok) align with the instructions: every operation calls the Boring MCP connector (list accounts, upload media, publish). Requiring a connector link that carries an auth token is plausible for a third‑party social‑media publishing integration, but the skill delegates all access to an external service rather than using TikTok credentials directly.
- Instruction Scope
- note: SKILL.md confines runtime actions to the Boring MCP API (boring_list_accounts, boring_upload_file, boring_publish_post). It does instruct uploading local files (file_path), which means the agent reads local media and sends it to the third‑party service. That is expected for a publisher, but be aware that your media leaves the device and is transmitted to Boring's servers.
- Install Mechanism
- ok: Instruction‑only skill with no install spec or bundled code files; nothing is downloaded or written to disk by the skill itself, which reduces installer risk.
- Credentials
- concern: No local env vars are required, but the single required credential is an MCP connector link containing an embedded auth token. According to SKILL.md that token grants publish/manage/schedule access across connected social accounts, which is high privilege and potentially broader than TikTok alone. The token is stored and handled by the third‑party service rather than locally, so you must trust that service. The skill does not declare any more granular scoping or a way to limit access to TikTok only.
- Persistence & Privilege
- ok: The always flag is false and the skill does not claim to modify other skills or system configuration. Autonomous invocation is allowed (platform default), which is expected for skills; no elevated persistence is requested.
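The Instruction Scope note above points out that boring_upload_file takes a file_path and ships the file off-device. A wrapper that confines what the tool may read, as an added example that is not the skill's or ClawHub's code: it assumes a constructed policy (only regular media files under one media directory, below a size cap) and that such a wrapper can sit between the agent and the upload tool. The point it demonstrates is ordering: resolve the path first, then check containment, so that ../ traversal and symlinks pointing outside the media directory are both rejected before anything is transmitted to the third party.

```python
"""Confine what boring_upload_file may read from the local disk.

Added example; not the skill's or ClawHub's code. It assumes a wrapper sits
between the agent and the upload tool and enforces a constructed policy: only
regular media files under one media directory, below a size cap. Resolving the
path before the containment check is what defeats ../ and symlink escapes.
"""
from __future__ import annotations

import tempfile
from pathlib import Path

ALLOWED_SUFFIXES = {".mp4", ".mov", ".jpg", ".jpeg", ".png"}  # constructed policy
MAX_UPLOAD_BYTES = 500 * 1024 * 1024                          # constructed cap


class UploadPolicyError(ValueError):
    def __init__(self, reason: str, file_path: str):
        super().__init__(f"{reason}: {file_path}")
        self.reason = reason


def resolve_upload_path(file_path: str, media_root: str | Path,
                        max_bytes: int = MAX_UPLOAD_BYTES) -> Path:
    """Return the real path the tool may read, or raise UploadPolicyError."""
    root = Path(media_root).resolve(strict=True)
    requested = Path(file_path)
    candidate = requested if requested.is_absolute() else root / requested
    try:
        real = candidate.resolve(strict=True)      # follows symlinks and ".."
    except FileNotFoundError:
        raise UploadPolicyError("not_found", file_path) from None
    if root not in real.parents:                  # containment checked after resolving
        raise UploadPolicyError("outside_root", file_path)
    if not real.is_file():
        raise UploadPolicyError("not_a_file", file_path)
    if real.suffix.lower() not in ALLOWED_SUFFIXES:
        raise UploadPolicyError("bad_type", file_path)
    if real.stat().st_size > max_bytes:
        raise UploadPolicyError("too_large", file_path)
    return real


def demo() -> dict[str, str]:
    """Exercise the policy on a constructed directory layout; one verdict per case."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        media = base / "media"
        media.mkdir()
        (media / "clip.mp4").write_bytes(b"\x00" * 1024)
        (media / "huge.mp4").write_bytes(b"\x00" * 4096)
        (media / "notes.txt").write_text("not media")
        secret = base / "secret.key"                # sits outside the media root
        secret.write_text("hunter2")
        (media / "escape.mp4").symlink_to(secret)   # media-looking name, points outside
        (media / "sub").mkdir()

        cases = {
            "good": "clip.mp4",
            "traversal": "../secret.key",
            "symlink_escape": "escape.mp4",
            "absolute_outside": str(secret),
            "directory": "sub",
            "wrong_type": "notes.txt",
            "too_large": "huge.mp4",
            "missing": "nope.mp4",
        }
        verdicts = {}
        for name, requested in cases.items():
            try:
                real = resolve_upload_path(requested, media, max_bytes=2048)
                verdicts[name] = "allowed:" + real.name
            except UploadPolicyError as err:
                verdicts[name] = "denied:" + err.reason
        return verdicts


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:18} {verdict}")
```

The symlink case is the one that catches naive implementations: a check on the requested string ("escape.mp4" has a media suffix and no "..") passes, while the resolved target lives outside the root. Checking `root not in real.parents` after `resolve()` handles both that and the plain traversal case with one rule.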
