tiktok-ads-integration
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate integration instructions for TikTok Ads, including server-side tracking and catalog synchronization.\n- [DATA_EXPOSURE]: The provided code snippets demonstrate secure handling of sensitive data by using environment variables (e.g.,
TIKTOK_ACCESS_TOKEN,TIKTOK_PIXEL_ID) instead of hardcoded secrets. It also correctly implements SHA-256 hashing for user email and phone numbers before sending them to the TikTok Events API, which is the required security standard for this service.\n- [EXTERNAL_DOWNLOADS]: The skill references the official TikTok Business API domain (business-api.tiktok.com) for event tracking, which is a well-known and expected service for this use case.\n- [COMMAND_EXECUTION]: No suspicious command execution or shell interactions were found. The code uses standard Node.js APIs and built-in modules likecrypto.
Audit Metadata