Security Decision Report

tiktok-video-downloader

The skill claims transparency and 'no data collection' but performs undeclared filesystem writes to track user usage data in ~/.openclaw, creating a directory and a usage.json file without disclosure.

Installation decision first · Source: manual upload · Scan time: 2026/4/4
Files: 2
IOCs: 5
Overreach items: 1
Findings: 4
Most direct threat evidence
High: Documentation deception
False claim of 'no data collection'

SKILL.md explicitly states 'We do not collect, store, or transmit any user data' but the code creates a usage tracking file in the user's home directory at ~/.openclaw/skills/tiktok-video-downloader/usage.json

scripts/fetch_tiktok_video.py:30

Why this conclusion was reached

2 of 4 dimensions triggered
Block
Declared vs. actual capabilities

Found 1 capability or overreach beyond what is declared.

Review
Hidden execution and outbound connections

Extracted 5 general-risk artifacts; these need to be judged in context.

Block
Attack chains and high-severity findings

The report contains an attack chain of 0 steps, plus 2 high-severity or critical findings.

Review
Dependencies and supply-chain hygiene

Found 1 dependency or supply-chain clue that needs attention.

How the risk score was driven up

Doc deception - undeclared data collection +25

SKILL.md claims 'no data collection' but code writes usage tracking to ~/.openclaw/skills/tiktok-video-downloader/usage.json

Undeclared filesystem WRITE access +20

Creates directory and writes JSON file to user home directory - not declared in SKILL.md

Undisclosed crypto payment integration +10

Hardcoded Polygon USDC wallet address and Request Network payment URL embedded in code without SKILL.md disclosure

Most critical evidence

High: Documentation deception

False claim of 'no data collection'

SKILL.md explicitly states 'We do not collect, store, or transmit any user data' but the code creates a usage tracking file in the user's home directory at ~/.openclaw/skills/tiktok-video-downloader/usage.json

scripts/fetch_tiktok_video.py:30
Update SKILL.md to declare filesystem WRITE access for quota tracking, or remove the local storage and track quotas server-side only
High: Documentation deception

Undeclared crypto payment integration

Code contains a hardcoded Polygon USDC wallet address and Request Network payment integration for monetization. This commercial payment feature is not disclosed anywhere in SKILL.md

scripts/fetch_tiktok_video.py:23
Disclose payment integration in SKILL.md with clear terms of service and privacy policy
Medium: Privilege escalation

Undeclared filesystem WRITE to home directory

The skill writes to ~/.openclaw directory which may be an OpenClaw-specific path. This creates persistent state on the user's system without declaring filesystem WRITE permission

scripts/fetch_tiktok_video.py:38
Declare filesystem:WRITE in capability map and document what data is stored and why
Low: Documentation deception

Misleading 'open source' claim

SKILL.md states 'Open source: All code is visible and auditable in this skill package' but this merely means the code is included. True open source implies version control, issue tracking, and community oversight

SKILL.md:30
Rephrase to clarify code is included in the package rather than implying traditional open source project

Declared capabilities vs. actual capabilities

Filesystem: Block
Declared: NONE
Inferred: WRITE
scripts/fetch_tiktok_video.py:30-31 - creates ~/.openclaw/skills/tiktok-video-downloader/ directory
Network access: Pass
Declared: READ
Inferred: READ
Scripts make POST requests to savefbs.com API as declared

Suspicious artifacts and outbound connections

Medium: External URL
https://savefbs.com

SKILL.md:8

Medium: External URL
https://savefbs.com/pricing

SKILL.md:18

Medium: External URL
https://www.tiktok.com/@username/video/1234567890

SKILL.md:59

Medium: Wallet address
0xA4195EeFF370c003C5C775BE4C3f350022666305

scripts/fetch_tiktok_video.py:23

Medium: External URL
https://pay.request.network/

scripts/fetch_tiktok_video.py:24

Dependencies and supply chain

Package  | Version | Source | Vulnerabilities | Notes
requests | *       | pip    | -               | Version not pinned - could fetch any version

File composition

2 files · 309 lines
Python: 1 file · 191 lines
Markdown: 1 file · 118 lines
Files needing attention · 2
scripts/fetch_tiktok_video.py Python · 191 lines
False claim of 'no data collection' · Undeclared crypto payment integration · Undeclared filesystem WRITE to home directory · 0xA4195EeFF370c003C5C775BE4C3f350022666305 · https://pay.request.network/
SKILL.md Markdown · 118 lines
Misleading 'open source' claim · https://savefbs.com · https://savefbs.com/pricing · https://www.tiktok.com/@username/video/1234567890

Security highlights

No reverse shell or command execution to attacker-controlled infrastructure
No credential theft or API key harvesting detected
No base64 or obfuscated code execution
No attempts to access ~/.ssh, ~/.aws, or other sensitive credential paths
Network requests only go to declared domain (savefbs.com)
Uses legitimate payment service (Request Network) for monetization