Xiaohongshu Comment Analysis
Pass. Audited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill
Name: xhs-sentiment-dashboard
Version: 1.0.0

The skill contains a shell injection vulnerability in the 'One-click script' section of SKILL.md, where the user-provided $LINK variable is passed directly into a bash command without sanitization. It also requires the AISKILLS_API_KEY environment variable and sends user data (links and API keys) to a third-party domain (ai-skills.ai). While the behavior is aligned with the stated purpose of sentiment analysis, the insecure script construction and external data transmission pose a risk to the user's environment and data privacy.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The API key may allow use of the user's ai-skills.ai quota or paid service access.
The skill requires an ai-skills.ai API key and explicitly sends it to the same third-party service for authenticated task creation and status polling.
requiredEnvVars:
  - name: AISKILLS_API_KEY
    description: "从 https://ai-skills.ai 获取的 API Key。Step 2/3 接口调用时会将 API Key 发送至 ai-skills.ai 服务器。"
Use a dedicated, revocable API key, monitor usage, and revoke it if unexpected activity appears.
The third-party service will learn the Xiaohongshu note link or content ID being analyzed and will receive the API key for authenticated requests.
The skill discloses a third-party provider boundary and lists the data sent, including note links/parameters and the API key.
security:
  thirdPartyDomain: ai-skills.ai
  dataSent:
    - "skillId(技能标识符)"
    - "params(技能参数,含用户提供的笔记链接,Step 2/3 需认证)"
    - "X-API-Key(认证密钥,仅 Step 2/3 发送)"
Only analyze links you are comfortable sharing with ai-skills.ai, and review that provider's privacy and retention policies before use.
If the remote task never completes or returns an unexpected status, the script could keep running and making repeated API requests.
The example one-click script polls indefinitely until the task reports completed, without a timeout or error-exit condition.
while true; do
  STATUS=$(curl -s https://ai-skills.ai/api/comment-analysis/tasks/$TASK_ID \
    -H "X-API-Key: $AISKILLS_API_KEY" ... )
  [ "$STATUS" = "completed" ] && break
  sleep 3
done
Run the workflow only when requested by the user and add a maximum retry count or timeout before using the script.
