pp-tiktok-shop
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the 'tiktok-shop-pp-cli' tool using 'npx -y @mvanhorn/printing-press' and 'go install github.com/mvanhorn/printing-press-library/...'. These resources are associated with the vendor 'mvanhorn'.
- [COMMAND_EXECUTION]: The skill uses the 'Read Bash' tool to execute 'tiktok-shop-pp-cli' commands for managing TikTok Shop data (orders, products, inventory). It includes safety measures such as a '--dry-run' flag and intentional deferral of mutation commands (e.g., inventory updates) to prevent unintended side effects.
- [CREDENTIALS_UNSAFE]: The skill provides instructions for setting up authentication via environment variables (e.g., TIKTOK_SHOP_APP_SECRET). It correctly advises users to obtain these from the official Partner Center and never to hardcode them. The CLI tool itself is documented to redact tokens from its output and use secure file permissions (0600) for local configuration storage.
Audit Metadata