Skill Tiktok Video Pipeline

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is a plausible TikTok video pipeline, but its main orchestrator builds a bash command string from CLI-controlled values, and its documented Python pipeline executes scripts from helper skills that the manifest does not declare.

Use this only in a sandbox, or after the shell-command construction has been replaced with argument-array execution. Do not pass untrusted script text, prompts, model names, product IDs, or file paths; obtain the referenced external video skills from trusted sources and review them; and use a restricted Gemini/Veo API key with billing limits.

Static analysis

Dangerous exec

Critical
Finding
Shell command execution detected (child_process).

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or accidentally unsafe input could make the agent run unintended local commands while trying to generate a video.

Why it was flagged

The main orchestrator joins CLI-controlled values into a single command string and executes it with bash -lc. The model argument is concatenated unquoted, and JSON.stringify produces a double-quoted JSON literal rather than a shell-quoted word: bash still performs $(...), backtick, and $VAR expansion inside double quotes, so crafted prompt, caption, model, path, or language values could be interpreted by the shell.

Skill content
const cmd = [
    'uv run', JSON.stringify(VEO_SCRIPT),
    '--prompt', JSON.stringify(prompt),
    '--filename', JSON.stringify(baseVideoPath),
    '--model', opts.veoModel,
...
return spawnSync('bash', ['-lc', cmd], {

Recommendation

Replace bash -lc command strings with argument-array subprocess calls, validate enum-like values such as model/lang, constrain output paths, and avoid passing untrusted text through a shell.

What this means

Running the Python pipeline may depend on, or execute, unreviewed code from other installed skills with the same local privileges.

Why it was flagged

The documented Python pipeline can execute code from other local skills that are not included in this manifest and are not fully declared in SKILL.md's requirements, which only mention veo3-video-gen.

Skill content
RUNWAY_SCRIPT = os.path.join(SKILLS_BASE, "skill-runway-video-gen", "scripts", "generate_video.py")
OVERLAY_SCRIPT = os.path.join(SKILLS_BASE, "skill-tiktok-ads-video", "scripts", "overlay.py")

Recommendation

Declare exact external skill dependencies and versions, include or reference the intended helper code clearly, and align pipeline.py with the documented overlay engine.

What this means

The skill may use your Gemini/Veo API quota or incur provider-side costs when generating videos.

Why it was flagged

Veo generation requires a provider credential, and the artifacts show no sign of it being leaked. The registry metadata, however, lists no required environment variables, so the only place the GEMINI_API_KEY requirement appears is SKILL.md; users should be aware that the skill needs a paid-quota key before running it.

Skill content
- `GEMINI_API_KEY` env var (for Veo generation)

Recommendation

Use a restricted API key where possible, review provider permissions and billing limits, and ensure the credential requirement is declared in metadata.