douyin-rank-tranker
Warn
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The script
scripts/fetch_rank.pyimplements a custom HTTPS client function_ssl_post_no_snithat explicitly disables SSL certificate verification and hostname checking (ssl.CERT_NONEandcontext.check_hostname = False). This practice exposes all communication between the agent and the external API to Man-in-the-Middle (MitM) attacks. - [COMMAND_EXECUTION]: The script
scripts/generate_report.pyusessubprocess.runwithshell=Trueon Windows systems to automatically open generated HTML files. This pattern can be dangerous if the file path or name is influenced by untrusted external data. - [DATA_EXFILTRATION]: The skill makes network requests to an external, non-whitelisted domain
onetotenvip.comviascripts/fetch_rank.py. While only query parameters related to the ranking search are transmitted, the use of a non-standard domain and the bypass of SSL security are notable. - [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data from an external API.
- Ingestion points: Data returned from the API call in
scripts/fetch_rank.py(e.g., account names, profile URLs). - Boundary markers: None identified in the processing logic or the prompt instructions.
- Capability inventory: File system write access, network communication, and the ability to execute shell commands to open files.
- Sanitization:
scripts/generate_report.pyfails to sanitize account names or URLs before interpolating them into the HTML report template, creating a risk of malicious content injection. - [EXTERNAL_DOWNLOADS]: The generated HTML reports reference the
html2canvaslibrary hosted oncdn.jsdelivr.net. This is documented as a reference to a well-known and established service.
Audit Metadata