Security Audit

tiktok-teneo

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

tiktok-teneo received a trust score of 80/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential Input Injection via sendMessage to external agent, Unpinned dependencies in installation instructions.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

78%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

1 finding

Shell Execution

1 finding

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Potential Input Injection via sendMessage to external agent The skill defines commands (`video`, `profile`, `hashtag`) that accept arbitrary user input (e.g., `<<url>>`, `<<username>>`, `<<hashtag>>`). This input is then passed directly to an external `@tiktok` agent via `sdk.sendMessage`. If the `@tiktok` agent is an LLM, this creates a prompt injection vulnerability. If the `@tiktok` agent processes this input in a shell-like environment or uses it to construct queries without proper sanitization, it could lead to command injection or other input validation bypasses. The security of this interaction heavily relies on the `@tiktok` agent's implementation, which is external to this skill's definition. Implement robust input validation and sanitization within the `@tiktok` agent for all user-provided arguments. If the `@tiktok` agent is an LLM, ensure strong prompt engineering techniques are used to prevent prompt injection. The skill documentation should also advise users about the risks of providing untrusted input.	LLM	SKILL.md:90
MEDIUM	Unpinned dependencies in installation instructions The installation instructions recommend `npm install @teneo-protocol/sdk dotenv` without specifying exact versions. This practice can lead to supply chain vulnerabilities if a new version of a dependency introduces malicious code or breaking changes. It also makes builds non-deterministic. Pin dependencies to specific versions (e.g., `npm install @teneo-protocol/sdk@1.0.0 dotenv@16.3.1`) to ensure deterministic builds and mitigate risks from unexpected updates. Regularly audit and update dependencies.	LLM	SKILL.md:74

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/84dc680647c320da.svg)](https://skillshield.io/report/84dc680647c320da)