tiktok-automation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to add a third-party MCP server endpoint (https://rube.app/mcp) to their configuration. This domain is not part of the trusted vendor list and represents an external dependency for the skill's logic.
  • [DATA_EXFILTRATION]: The skill facilitates the transmission of media files (videos and photos) and TikTok OAuth tokens through the Rube MCP infrastructure. While this is necessary for the automation of TikTok tasks, it involves routing sensitive account access through an external service.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) by processing untrusted external data.
      • Ingestion points: Untrusted data enters the context through the title and caption parameters in tools such as TIKTOK_UPLOAD_VIDEO and TIKTOK_POST_PHOTO.
      • Boundary markers: The instructions do not provide specific delimiters or instructions to the model to ignore embedded commands within these fields.
      • Capability inventory: The skill possesses network capabilities to interact with the TikTok API, including publishing content and modifying profile data.
      • Sanitization: There is no evidence of input sanitization or validation performed on the user-provided strings before they are processed by the automation tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 07:56 AM