Skills
skills/redfox-data/redfox-community/douyin-ai-feed/Gen Agent Trust Hub

douyin-ai-feed

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The main script scripts/fetch_douyin_ai.py uses subprocess.run to interact with system tools. It manages scheduled tasks via launchctl on macOS and crontab on Linux to automate daily report generation. It also uses shell commands to automatically open the generated HTML files in the default browser.
  • [EXTERNAL_DOWNLOADS]: The skill performs HTTP POST requests to https://redfox.hk/story/api/parseWork/queryDyAiMsgs using the requests library to retrieve AI-related video metadata. This domain is owned by the skill's vendor.
  • [CREDENTIALS_UNSAFE]: To facilitate the subscription feature, the script optionally writes the user's REDFOX_API_KEY into a .plist file located in ~/Library/LaunchAgents/. The documentation also provides instructions for users to store this key in shell configuration files like ~/.zshrc.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface in the form of potential Cross-Site Scripting (XSS). In scripts/fetch_douyin_ai.py, external data such as video titles and user names are interpolated directly into an HTML template without sanitization. If the vendor API were to return malicious payloads in these fields, they would execute in the user's browser context when the report is opened.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:20 PM
Security Audit — agent-trust-hub — douyin-ai-feed