Skills
skills/aaaaqwq/claude-code-skills/douyin-hot-trend/Gen Agent Trust Hub

douyin-hot-trend

Warn

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/get-hot-trend.js utilizes child_process.execSync to invoke a secondary script. The variable limit, which is derived directly from process.argv[2], is interpolated into the shell command string without any validation or sanitization. This pattern is vulnerable to command injection if an attacker can influence the command-line arguments provided to the script.
  • [COMMAND_EXECUTION]: The cron-job.js file uses child_process.execSync to orchestrate internal script execution. While the usage here is more controlled, the reliance on shell execution for internal logic is a behavior that requires monitoring.
  • [EXTERNAL_DOWNLOADS]: The skill performs HTTPS requests to www.douyin.com via the native https module to retrieve JSON data containing current trending topics. This is an expected behavior given the skill's stated purpose.
  • [PROMPT_INJECTION]:
  • Ingestion points: Trending topic titles and metadata are fetched from the external Douyin API in scripts/douyin.js.
  • Boundary markers: None. The external data is parsed and directly embedded into output messages.
  • Capability inventory: The skill has the capability to write files to the local file system and execute shell commands via execSync.
  • Sanitization: There is no sanitization or escaping of the content retrieved from the external API before it is formatted into messages, which could allow a malicious trending topic to influence the behavior of the agent or downstream systems.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 17, 2026, 01:18 AM