Low Risk — Risk Score 20/100
Last scan: 2 days ago
douyin-comment-auto-reply
Douyin comment operations workflow for your own account videos. Use when the user wants to collect, classify, draft, review, or semi-automate replies to comments under their own Douyin videos.
Legitimate Douyin comment management tool with documentation gaps: the shell, network and browser capabilities its scripts use are not declared in SKILL.md.
Skill Name: douyin-comment-auto-reply
Duration: 50.7s
Engine: pi
Safe to install
Add an explicit shell:WRITE declaration to SKILL.md if the subprocess usage in browser_reply_runner.py is intentional. Otherwise, pass the browser command to subprocess.run() as an argument list without shell=True; that removes the shell capability and the command-string interpolation that shell=True requires.

Findings (3 items)

[Medium] Undeclared shell execution capability
Location: scripts/browser_reply_runner.py:18
browser_reply_runner.py uses subprocess.run() with shell=True to execute browser commands (npx agent-browser). This shell:WRITE capability is not declared in SKILL.md or allowed-tools. The command string is built by interpolation: the URL is wrapped with shlex.quote(), but args.browser_cmd is inserted verbatim, so an argument list without shell=True is preferable whether or not the capability is declared.
Evidence: subprocess.run(cmd, shell=True, check=True)
→ Declare shell:WRITE in SKILL.md if shell execution is intentional for browser automation.

[Medium] Undeclared network access
Location: scripts/browser_reply_runner.py:43
The skill opens external URLs (https://creator.douyin.com) via browser automation but does not declare network:READ in allowed-tools.
Evidence: open_cmd = f"{args.browser_cmd} ... open {shlex.quote(args.url)}"
→ Declare network:READ if browser-based URL access is part of the intended functionality.

[Low] Documentation gap for capability mapping
Location: SKILL.md:155
SKILL.md mentions scripts/batch_comment_drafts.py and scripts/browser_reply_runner.py but does not explicitly map their underlying capabilities (shell, network, browser).
Evidence: python3 scripts/browser_reply_runner.py ./comments.drafts.json
→ Add a 'Capabilities' or 'Technical Implementation' section to SKILL.md explaining the required tool permissions.
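The shell-free form that the recommendation above refers to, shown beside the flagged pattern, as an added example. This is not the skill's own code: the function names are hypothetical, and the browser CLI is assumed to be invoked as "npx agent-browser open <url>", which is what the evidence lines show.

```python
"""Added example (not the skill's code): invoking the browser CLI without a shell.

Assumes the browser command is "npx agent-browser" and accepts "open <url>",
as the scan evidence shows. build_open_cmd_shell() reproduces the flagged
pattern; build_open_argv()/run_open() are the shell-free replacement.
"""
import shlex
import subprocess
from typing import List


def build_open_cmd_shell(browser_cmd: str, url: str) -> str:
    """The flagged pattern: one string that /bin/sh will parse.

    shlex.quote() protects the URL, but browser_cmd is interpolated verbatim,
    so the shell interprets whatever it contains. Shown only for comparison;
    nothing here executes it.
    """
    return f"{browser_cmd} open {shlex.quote(url)}"


def build_open_argv(browser_cmd: str, url: str) -> List[str]:
    """Hardened form: an argv list, no shell involved.

    browser_cmd is split once with shlex so "npx agent-browser" becomes two
    argv entries. The URL is appended as a single argument and is never
    parsed by a shell, so metacharacters in it are inert.
    """
    argv = shlex.split(browser_cmd)
    if not argv:
        raise ValueError("browser_cmd must name an executable")
    return argv + ["open", url]


def run_open(browser_cmd: str, url: str, dry_run: bool = True) -> List[str]:
    """Run (or, with dry_run, only print) the open command; returns the argv used."""
    argv = build_open_argv(browser_cmd, url)
    if dry_run:
        # Quote only for display; the real call gets the list, not this string.
        print("DRY-RUN:", " ".join(shlex.quote(a) for a in argv))
    else:
        subprocess.run(argv, check=True)  # shell=False is the default
    return argv


if __name__ == "__main__":
    # Constructed input: a URL carrying shell metacharacters.
    hostile_url = "https://creator.douyin.com/x?q=1;echo pwned"
    print("shell string :", build_open_cmd_shell("npx agent-browser", hostile_url))
    print("argv list    :", run_open("npx agent-browser", hostile_url, dry_run=True))
```

With the list form, a hostile browser_cmd such as "npx agent-browser; rm -rf ~" becomes a literal argv entry "agent-browser;" followed by "rm", which the browser binary rejects instead of the shell executing it.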
Capability summary (declared vs. inferred)

| Resource    | Declared    | Inferred    | Status      | Evidence |
|-------------|-------------|-------------|-------------|----------|
| Filesystem  | READ, WRITE | READ, WRITE | ✓ Aligned   | SKILL.md: declares Read/Write; batch_comment_drafts.py: CSV read, JSON write; br… |
| Shell       | NONE        | WRITE       | ✗ Violation | browser_reply_runner.py:18 - subprocess.run(cmd, shell=True, check=True) |
| Network     | NONE        | READ        | ✗ Violation | browser_reply_runner.py:43 - opens external URL via browser command |
| Environment | NONE        | NONE        | ✓ Aligned   | No os.environ access detected |
| Browser     | NONE        | WRITE       | ✗ Violation | browser_reply_runner.py: uses npx agent-browser for fill/click operations |
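The declared-vs-inferred comparison in the table above, re-implemented as an added example over constructed snippets. This is not the scanner's code: the inference rules (subprocess with shell=True, http(s) string literals, os.environ/os.getenv) are assumptions chosen to match the table's evidence column, and the snippets are modelled on the flagged lines rather than copied from the skill's files.

```python
"""Added example (not the scanner's code): declared-vs-inferred capability check.

Resource names and levels follow the report's table; the inference rules are
deliberately simple assumptions, and the snippets below are constructed.
"""
import ast
from typing import Dict, List, Set

SUBPROCESS_FUNCS = {"run", "Popen", "call", "check_call", "check_output"}


def infer_capabilities(source: str) -> Dict[str, Set[str]]:
    """Walk one Python file's AST and record the capabilities it exercises.

    Rules (assumed):
      shell:WRITE       subprocess.<func>(..., shell=True)
      network:READ      any string literal starting with http:// or https://
      environment:READ  os.environ or os.getenv
    """
    caps: Dict[str, Set[str]] = {"shell": set(), "network": set(), "environment": set()}
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            func = node.func
            name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
            if name in SUBPROCESS_FUNCS:
                for kw in node.keywords:
                    if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                        caps["shell"].add("WRITE")
            elif name == "getenv" and isinstance(func, ast.Attribute):
                caps["environment"].add("READ")
        elif isinstance(node, ast.Attribute) and node.attr == "environ":
            if isinstance(node.value, ast.Name) and node.value.id == "os":
                caps["environment"].add("READ")
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            if node.value.startswith(("http://", "https://")):
                caps["network"].add("READ")
    return caps


def find_violations(declared: Dict[str, Set[str]], inferred: Dict[str, Set[str]]) -> List[str]:
    """Return every inferred resource:LEVEL that the declaration does not cover."""
    out: List[str] = []
    for resource, levels in inferred.items():
        for level in sorted(levels - declared.get(resource, set())):
            out.append(f"{resource}:{level}")
    return sorted(out)


# Constructed snippet modelled on the flagged lines (not the skill's file).
RUNNER_SNIPPET = '''
import shlex, subprocess
URL = "https://creator.douyin.com/creator-micro/content/manage"
def open_page(browser_cmd, url=URL):
    cmd = f"{browser_cmd} open {shlex.quote(url)}"
    subprocess.run(cmd, shell=True, check=True)
'''

# Constructed snippet that reads the environment, to exercise the third rule.
ENV_SNIPPET = '''
import os
token = os.environ.get("DOUYIN_TOKEN")
'''

# Mirrors the report: SKILL.md declares only filesystem Read/Write.
DECLARED: Dict[str, Set[str]] = {"filesystem": {"READ", "WRITE"}}


if __name__ == "__main__":
    for label, src in (("runner", RUNNER_SNIPPET), ("env", ENV_SNIPPET)):
        inferred = infer_capabilities(src)
        print(label, inferred, find_violations(DECLARED, inferred))
```

For the runner snippet this yields exactly the two violations in the table, shell:WRITE and network:READ; supplying a declaration that covers both returns an empty list. A browser:WRITE rule is omitted because it depends on knowing the agent-browser subcommands, which the report does not enumerate.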
External URLs (1 finding)

[Medium] External URL: https://creator.douyin.com/creator-micro/content/manage
Location: SKILL.md:186

File Tree

11 files · 24.3 KB · 751 lines
Markdown: 5 files, 498 lines · Python: 2 files, 171 lines · JSON: 3 files, 77 lines · CSV: 1 file, 5 lines
├─ 📁 references
│ ├─ 📝 automation-roadmap.md Markdown 63L · 1.7 KB
│ ├─ 📝 douyin-lead-gen-template.md Markdown 66L · 1.6 KB
│ └─ 📝 playbook.md Markdown 134L · 3.7 KB
├─ 📁 scripts
│ ├─ 🐍 batch_comment_drafts.py Python 96L · 4.0 KB
│ ├─ 🐍 browser_reply_runner.py Python 75L · 3.0 KB
│ ├─ 📄 comment_batch_template.csv CSV 5L · 333 B
│ ├─ 📋 comment_batch_template.drafts.json JSON 41L · 1.5 KB
│ ├─ 📋 comment_batch_template.drafts.sent-log.json JSON 16L · 566 B
│ ├─ 📋 reply_drafts_example.json JSON 20L · 778 B
│ └─ 📝 reply_execution_plan.md Markdown 26L · 761 B
└─ 📝 SKILL.md Markdown 209L · 6.3 KB

Security Positives

✓ No credential harvesting or sensitive data access
✓ No data exfiltration to external servers
✓ No base64 encoding or obfuscation patterns
✓ No remote script execution (curl|bash)
✓ Uses only Python standard-library modules (csv, json, re, sys, pathlib, subprocess, argparse, shlex, time); no third-party dependencies
✓ Legitimate business use case for managing own Douyin account comments
✓ Includes --dry-run safety flag for browser automation
✓ Browser targets legitimate Douyin creator platform URL
✓ Includes sent-log for audit trail
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)