ClawHub

xiaohongshu-matrix-manager

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Xiaohongshu API helper, but it documents credentialed plain-HTTP calls for account access and public publishing.

Install only if you trust the RedAPI provider and can use a revocable, low-privilege API key. Do not place the API key in URLs, avoid operating unless HTTPS is available, and require the agent to show the exact account and full publish payload for explicit approval before any post or scheduled post.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes very broad terms such as '小红书', 'xhs', and 'API 调用', which can cause the skill to activate for general conversation rather than clearly scoped user intent. Because this skill can query accounts and publish content, over-broad activation increases the chance of unintended high-impact actions or inappropriate data access.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill advertises publishing and account-management capabilities without warning that these actions may modify external accounts, consume paid API quota, or affect multiple managed identities. In this context, the omission is dangerous because the tool integrates with a third-party platform for batch publishing and account operations, so a user may unknowingly authorize impactful external actions.

Missing User Warnings

High
Confidence
99% confidence
Finding
The documentation specifies `http://redapi.cn` for all API calls and shows sending `X-API-Key` credentials and request data over plaintext HTTP. This exposes API keys and request contents to interception and modification by any network attacker, which is especially risky because the skill supports account management and content publishing actions.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Allowing API keys in query parameters leaks credentials into browser history, logs, proxies, monitoring systems, referrer headers, and shared URLs. Because this API can retrieve account data and publish notes, a leaked key could enable unauthorized access and actions across managed Xiaohongshu accounts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal