tikhub-api-helper
Fail
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The file
api_client.pycontains a hardcoded API tokenvZdfXsQS3nNTqVRrVysjLT4kjaa6yL0gTnBk/aTAi8aA==assigned to theDEFAULT_TOKENvariable.\n- [COMMAND_EXECUTION]: The skill instructions inSKILL.mddirect the agent to executeapi_searcher.pyandapi_client.pywith arguments derived from user input, facilitating local script execution.\n- [DATA_EXFILTRATION]: Theapi_client.pyscript makes outbound HTTP requests toapi.tikhub.ioandapi.tikhub.devto fetch data. This enables the transmission of data to external domains associated with the TikHub service.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from external social media APIs and provides it to the agent.\n - Ingestion points: Responses from TikHub API endpoints processed in
api_client.py.\n - Boundary markers: None; the skill does not use delimiters or instructions to ignore embedded commands in the API data.\n
- Capability inventory: Execution of local Python scripts with command-line arguments and network access.\n
- Sanitization: None; data is printed to the console and incorporated into the agent's context without validation.
Recommendations
- AI detected serious security threats
Audit Metadata