douyin-upload

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill serves as a wrapper for the sau (Social Auto Upload) CLI tool. It defines a protocol for the agent to execute shell commands for Douyin login, cookie verification, and content publishing.
    • Evidence: Found in SKILL.md and references/cli-contract.md which detail the sau douyin command-line interface.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for setting up the execution environment, which involves installing Python packages and browser binaries.
    • Evidence: references/runtime-requirements.md contains instructions for installing social-auto-upload and using patchright to download Chromium.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes user-supplied content (titles, descriptions, tags) and interpolates them into command-line arguments.
    • Ingestion points: External data fields such as --title, --desc, and --note defined in references/cli-contract.md.
    • Boundary markers: Not explicitly enforced in the markdown instructions, placing the responsibility on the agent implementation.
    • Capability inventory: The agent can execute arbitrary CLI commands via the sau tool.
    • Sanitization: The scripts/examples/douyin_cli_template.py file demonstrates best practices by using shlex.quote to sanitize arguments before execution.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 28, 2026, 03:32 AM