tiktok-video-detail

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs a dynamic execution pattern where a Python script generates JavaScript code intended for execution in the browser. The instructions suggest using a shell 'eval' pattern to facilitate this, which involves the dynamic assembly and execution of code strings.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the TikTok platform. Maliciously crafted data within video metadata (such as descriptions or signatures) could potentially influence the agent's behavior when it processes the extracted content.
  • Ingestion points: The scraping logic reads from the __UNIVERSAL_DATA_FOR_REHYDRATION__ script tag embedded in the TikTok video page's DOM.
  • Boundary markers: No specific boundary markers or instructions are used to distinguish extracted data from instructions or to prevent the agent from following embedded commands.
  • Capability inventory: The skill utilizes the browser-act tool for web navigation and script execution, and potentially uses the bash tool for script management.
  • Sanitization: The extracted data is returned as raw text without sanitization or filtering of fields that are user-controlled on the source platform.
  • [EXTERNAL_DOWNLOADS]: The skill navigates the browser to https://www.tiktok.com to retrieve metadata. This involves retrieving content from a well-known service and is consistent with the skill's primary function.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 04:39 AM
Security Audit — agent-trust-hub — tiktok-video-detail