ClawHub

douyin-engager

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates Douyin comments and follows, but it gives bulk control over a logged-in social account with limited safeguards.

Install only if you intentionally want automation that posts comments and follows accounts from your Douyin login. Use test mode first, keep counts low, review comment text carefully, avoid using it on shared machines, and delete the saved browser profile when finished if you do not want the session reused.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger phrases are very broad and map to common user requests about Douyin promotion or interaction, so the skill may activate in situations where a user is only asking for advice or discussion rather than asking to execute automation. In this context, mistaken activation is more dangerous because the skill performs account actions on a live platform, including posting comments and following accounts, which can cause unauthorized or unintended external actions.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation rule says any request for Douyin interaction/comment/follow enters the workflow, but it does not define boundaries between harmless discussion and execution. Because the workflow leads directly to browser automation that posts comments and follows authors, an ambiguous entry condition can turn ordinary conversation into real-world automated platform activity, increasing the risk of unintended actions, spam, and account abuse.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script performs real platform actions—posting comments and following accounts—automatically, with no per-action confirmation, dry-run mode, consent gate, or safety interlock. In this skill’s context, that is materially risky because it enables unattended mass engagement/spam behavior, can violate platform rules, and can cause account sanctions or reputational harm if misconfigured or abused.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script automates account-affecting actions by posting comments and following accounts immediately once matching videos are found, without any per-action confirmation or clear warning about the consequences to the user's Douyin account. In this skill's context, the behavior is more dangerous because the stated purpose is bulk engagement/promotion, which can trigger spammy activity, accidental posting under the user's identity, account enforcement, or unintended interactions at scale.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script performs real account actions (posting comments and following accounts) automatically once a logged-in session is available, with no per-action confirmation, dry-run mode, or explicit safety gate. In this skill's context, that is more dangerous because the stated purpose is mass Douyin engagement/promotion, which can enable spam, unwanted account activity, policy violations, and reputational harm if triggered accidentally or misused.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The script stores and reuses a persistent Playwright browser profile, which can retain authenticated session cookies and other sensitive browsing state without clearly warning the user. This creates risk of unintended account reuse, session exposure on a shared machine, and silent execution of actions under a previously authenticated Douyin account.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal