myskill

Warn: Audited by ClawScan on May 10, 2026.

Overview

The Douyin trend fetcher is mostly aligned with its purpose, but it includes unsafe shell-command construction and an under-disclosed Telegram cron helper with a hard-coded chat ID.

Review this skill before installing. The basic Douyin public-trend fetcher is understandable, but avoid using the cron/Telegram helpers unless you remove the hard-coded chat ID and explicitly configure the destination. The command-execution helper should be fixed before use in an agent environment.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent or a user invokes this helper with a crafted limit value, it could run unintended local shell commands.

Why it was flagged

The script takes a command-line argument and interpolates it directly into a shell command instead of validating it as a number or passing it as a safe argv value.

Skill content
const limit = process.argv[2] || 10; ... execSync(`node "${scriptPath}" hot ${limit}`, {
Recommendation

Validate the limit as an integer and use execFileSync/spawnSync with an argument array, or call the Douyin-fetching code directly without a shell.

What this means

If connected to an OpenClaw messaging tool, the skill could send trend messages through the user's messaging integration to a fixed Telegram chat the user did not choose.

Why it was flagged

The cron helper prepares output for Telegram using a hard-coded recipient, while the main skill description only describes fetching and outputting Douyin trend data.

Skill content
    chat_id: '8428610733',
    channel: 'telegram',
    message: message,
Recommendation

Remove the hard-coded chat ID, require the user to explicitly provide and approve the destination, and disclose any Telegram/cron behavior in SKILL.md and metadata.

What this means

Users may install the skill expecting instruction-only behavior, but it actually requires a Node runtime, and users should be aware that it ships executable scripts.

Why it was flagged

The package declares a Node runtime requirement even though the supplied registry requirements say no binaries are required; other artifacts also show version/slug inconsistencies.

Skill content
  "openclaw": {
    "requires": {
      "bins": [
        "node"
      ]
    }
  }
Recommendation

Align registry metadata, package metadata, and SKILL.md so required binaries, entry points, owners, slugs, and versions are clear.