ClawHub

Larry — Autonomous TikTok Slideshow Agent

Security checks across malware telemetry and agentic risk

Overview

This skill mostly does what it advertises, but it ships apparent real credentials and can create TikTok/Postiz drafts using connected social accounts.

Review before installing. Do not run the packaged config.json as-is; replace it with your own values from config.example.json, rotate any exposed NVIDIA/Postiz credentials, verify the Postiz base URL and TikTok account IDs, run --dry-run first, and review generated drafts before enabling cron automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly supports an autonomous mode that will create and upload or schedule TikTok content, but the description does not clearly warn the user that posts may be published on their behalf. In an agent setting, insufficient disclosure around autonomous external actions can lead to unintended posting, reputational harm, and misuse of connected social accounts.

Missing User Warnings

Low
Confidence
91% confidence
Finding
The skill states that it logs post performance data over time but does not clearly disclose the privacy and retention implications of that logging. Even if the data appears operational, it may reveal account activity, posting history, engagement trends, or business strategy, which creates avoidable privacy and data-governance risk.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
Slide-derived prompt text is transmitted to a third-party NVIDIA service, which can expose user or business content without explicit disclosure or consent. In this skill context, slide text may contain sensitive presentation material, making unintended data sharing a real privacy and compliance risk.

External Transmission

Medium
Category
Data Exfiltration
Content
def _get_auth_headers(base_url: str, config: dict) -> dict:
    """Login + Cookie als Header zurückgeben (Postiz Self-Hosted Auth)."""
    resp = requests.post(
        f"{base_url}/auth/login",
        json={"email": config.get("postiz_email", ""),
              "password": config.get("postiz_password", ""),
Confidence
78% confidence
Finding
requests.post( f"{base_url}/auth/login", json=

External Transmission

Medium
Category
Data Exfiltration
Content
Ruft Performance-Daten für alle gespeicherten Posts ab.
    Wird täglich aufgerufen um Hook-Performance zu tracken.
    """
    base_url = config.get("postiz_base_url", "https://api.postiz.com/v1")
    api_key = config["postiz_api_key"]
    headers = {"Authorization": f"Bearer {api_key}"}
Confidence
73% confidence
Finding
https://api.postiz.com/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal