XiaoHongShu Viral Post Generator

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed paid post generator that uses external APIs for content generation, keyword lookup, and per-call billing.

Install only if you intend to use a paid SkillPay-backed generator. Confirm the 0.05 USDT per-call cost, use scoped OpenAI and SkillPay credentials, avoid sensitive topics because they are sent to external services, and make sure SKILLPAY_ENDPOINT is not set to an unexpected URL.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The skill performs an external billing action using a secret from the environment and transmits user-derived input to a third-party endpoint, yet the provided skill context does not indicate that payment processing is an expected or disclosed function. In an agent skill, hidden monetization and credential use materially expand the trust boundary and can lead to undisclosed charges, data sharing, or abuse if the endpoint is changed via configuration.

Missing User Warnings

Medium
Confidence: 90%
Finding
The billing request sends the user's topic along with an authorization-bearing request to an external service, and this file provides no indication of disclosure, consent, or data minimization. Even if the topic is truncated, it may still contain sensitive user content, and sending it off-platform without clear necessity creates a privacy and transparency risk.

VirusTotal

66/66 vendors flagged this skill as clean.
