tiktok-profile-videos

Warn

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documentation describes an execution model using eval "$(python scripts/xxx.py {params})". Directly evaluating the output of a script in a shell environment is a high-risk pattern. If the {params} (such as the TikTok username) or the script's output are not strictly sanitized, an attacker could achieve arbitrary command execution.
  • [REMOTE_CODE_EXECUTION]: The skill relies on dynamic execution of logic encapsulated in external Python scripts triggered via shell commands. This structure presents a significant risk if the logic involves untrusted data sourced from the web or user input.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection through the processing of TikTok profile metadata.
  • Ingestion points: The skill extracts video descriptions (desc), nicknames, and signatures from TikTok's /api/post/item_list/ endpoint.
  • Boundary markers: None are defined. The instructions do not specify the use of delimiters or clear separation between system instructions and the scraped untrusted data.
  • Capability inventory: The skill uses the bash tool and eval to execute shell commands, providing a high-impact target for successful injection.
  • Sanitization: There is no mention of filtering, escaping, or validating the content retrieved from TikTok before it is processed by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 13, 2026, 04:38 AM
Security Audit — agent-trust-hub — tiktok-profile-videos