douyin-downloader-js

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Douyin media downloader that fetches media and saves files locally; it needs ordinary caution about which links are trusted and where output is written.

Install only if you want a local Node.js tool to download Douyin media. Use trusted Douyin links, prefer the default or a dedicated empty output folder, and avoid pointing the output directory at sensitive project or system locations. The reviewed code creates output files but does not show hidden credential access or background persistence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability (Medium, 95% confidence)

The downloader follows redirect Location headers recursively without validating the destination host, so a seemingly trusted Douyin URL can cause the skill to fetch content from arbitrary external domains. In an agent environment, this creates a generic outbound request primitive and can be abused for SSRF-style access to internal services or retrieval of unexpected content.

Context-Inappropriate Capability (Medium, 97% confidence)

downloadImage accepts an arbitrary URL and caller-controlled filename, then writes the fetched bytes directly to disk with no domain, content-type, size, or path validation. This turns a Douyin helper into a generic file downloader and file writer, which can be abused to store attacker-controlled content anywhere the process has write access.

Context-Inappropriate Capability (Medium, 97% confidence)

downloadVideoToFile provides the same unsafe pattern for video content: arbitrary remote URL fetch plus unchecked local filesystem write, including redirects to untrusted locations. In agent or automation contexts, this can be repurposed as a general payload dropper or to fill disk with large attacker-controlled files.

Missing User Warnings (Medium, 87% confidence)

The callable API automatically downloads and writes media to disk without any confirmation or explicit opt-in beyond calling parseAndDownload. In a skill/agent setting, silent side effects increase risk because upstream prompts or untrusted inputs may trigger unexpected network and filesystem actions, especially given the weak URL/path restrictions elsewhere in the file.

VirusTotal

63/63 vendors flagged this skill as clean.
