ClawAudit verdict
douyin-learning-pipeline
Orchestration skill for Douyin video download, transcription, and content rewriting using named local tools and ASR APIs; capabilities are broad but all aligned with the declared content-processing pipeline.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Findings (14)
Possible hardcoded credential
references/migration-guide.md · prose · downgraded · API_KEY='your-key
Pipe to python — executes piped content as Python code
scripts/transcribe.sh · prose · downgraded · | python3
subprocess execution — runs system commands from Python
assets/douyin-downloader/cli/whisper_transcribe.py · prose · downgraded · subprocess.run(
Uses exec() — may execute shell commands
assets/douyin-downloader/core/api_client.py · prose · downgraded · exec(
Long base64 string (100+ chars) — likely obfuscated payload
assets/douyin-downloader/README.md · prose · downgraded · DQo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCIgaGVpZ2h0
HTTP request to bare IP address — common in malicious payloads
assets/douyin-downloader/README.md · prose · downgraded · http://127.0.0.1
References sudo — requests elevated privileges
references/migration-guide.md · prose · downgraded · sudo
Python urllib.request — network access
assets/douyin-downloader/auth/ms_token_manager.py · prose · downgraded · urllib.request
conda install — installs packages via conda
assets/douyin-downloader/cli/whisper_transcribe.py · prose · downgraded · conda install
Python shutil file operation — copies/moves/deletes files
assets/douyin-downloader/cli/whisper_transcribe.py · prose · downgraded · shutil.rmtree(
Python aiohttp session — async network access
assets/douyin-downloader/core/api_client.py · prose · downgraded · aiohttp.ClientSession
Python os.getenv — reads environment variable
assets/douyin-downloader/core/transcript_manager.py · prose · downgraded · os.getenv(
importlib.import_module — dynamic module loading
assets/douyin-downloader/tests/test_cli_main.py · prose · downgraded · importlib.import_module(
Base64 encoding/decoding
assets/douyin-downloader/utils/abogus.py · prose · downgraded · base64_encode
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class B/D). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
No declared permissions — minimal attack surface.
Is this flag fair?
Thanks — recorded.