laohan-douyinsousuo

Fail

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions in SKILL.md construct a shell command string from user-provided input (search keywords). If a keyword contains shell metacharacters such as semicolons or backticks, the command string could be altered, leading to arbitrary command execution on the host system.
  • [EXTERNAL_DOWNLOADS]: The skill environment setup involves downloading and installing the DrissionPage package from the Python Package Index (PyPI).
  • [REMOTE_CODE_EXECUTION]: The skill executes a custom local Python script (search.py) which performs network operations and browser automation to fetch data from external servers.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Risk: The skill processes video titles and author names from Douyin's search results without sanitization. This external data is subsequently analyzed by the agent, creating a vector where malicious content in search results could influence the agent's behavior.
  • Ingestion points: scripts/search.py listens for and parses network traffic from douyin.com search APIs.
  • Boundary markers: None identified in the prompt templates or data processing logic.
  • Capability inventory: Shell execution capabilities for environment setup and script execution.
  • Sanitization: None; the agent processes the raw JSON output from the search script.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 12, 2026, 11:04 PM
Security Audit — agent-trust-hub — laohan-douyinsousuo