Skill v1.0.0

ClawScan security

Download-video-tiktok · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 26, 2026, 10:07 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (downloading TikTok videos via yt-dlp); nothing requested is disproportionate, though there are a few operational and privacy cautions to review before use.
Guidance
This skill appears to do what it says: it builds yt-dlp commands to fetch TikTok metadata and download videos. Before installing or running it:
1) Consider changing the hardcoded output/archive defaults (/home/claude) to a directory you control so files aren't written to unexpected locations.
2) Be careful with any workflow that asks you to export browser cookies or embed credentials in proxy URLs — those contain sensitive tokens; avoid sharing them and prefer authenticated methods you control.
3) The script auto-invokes pip to install/upgrade yt-dlp (with --break-system-packages); run installs yourself in a virtualenv if you want to avoid changing system Python.
4) Advanced options (cookie export, proxy, watermark removal) can facilitate bypassing restrictions — ensure your use complies with TikTok's terms and local law (KBLICENSE highlights permitted vs prohibited uses).
5) If you plan to use this programmatically or at scale, review and fix the minor get_metadata print-format bug and audit for any other bugs.
Overall the package is coherent with its stated function, but treat cookie export and package installation actions with caution.

Review Dimensions

Purpose & Capability
ok
Name/description, SKILL.md and the included Python script all consistently implement downloading TikTok videos and retrieving metadata using yt-dlp/ffmpeg. Required capabilities (network access to TikTok, yt-dlp, optional ffmpeg) are coherent with the stated purpose. Minor implementation issue: download_latest.py's get_metadata uses a --print format "%()j" which looks like a bug (likely won't produce JSON); this is an implementation defect, not a misalignment of purpose.
Instruction Scope
note
Runtime instructions and the script focus on building yt-dlp commands, normalizing usernames, fetching metadata, and downloading files — all within the scope. The docs also instruct exporting browser cookies and using --cookies-from-browser, adding headers, proxies, and watermark-removal formats; these are optional but sensitive (cookies contain auth and should be handled carefully). The SKILL.md also references files and folders under /home/claude (output, archive), which is an opinionated default and may surprise users or write into unexpected paths if not changed.
Install Mechanism
note
There is no registry install spec (instruction-only), which reduces supply-chain risk. The included script will attempt to invoke pip to install/upgrade yt-dlp if missing (subprocess pip install with --break-system-packages). That action modifies the Python environment and can be intrusive; users should prefer running installs in a virtualenv or manage packages manually. No external downloads from untrusted URLs are present.
Credentials
note
The skill requests no environment variables or credentials. Advanced instructions suggest using browser cookies, proxy URLs (which could include user:pass), and exporting cookies via a browser extension — those are optional but can expose sensitive secrets if mishandled. The hardcoded default output/archive paths (/home/claude, /home/claude/tiktok_archive.txt) are unnecessary defaults and should be user-customizable.
Persistence & Privilege
ok
The skill is not marked always:true and does not attempt to modify other skills or global agent configuration. It will create local files (downloads, archive file) in the filesystem when run, which is expected behavior for a downloader.