XHS Big Text Poster (Xiaohongshu big-text style cover images)

Security checks across malware telemetry and agentic risk

Overview

The skill mainly does what it says, but it instructs the agent to send generated images through Feishu to a named recipient without an explicit user confirmation step.

Install only if you intend this workflow to send generated Xiaohongshu images through Feishu to the named recipient. Before using it with private, client, business, or personal content, require the agent to ask for confirmation showing the exact file and destination, or edit the skill to make Feishu sending optional.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (87% confidence)
Finding
The skill description says it should trigger whenever a user needs to make Xiaohongshu images, which is broad and lacks clear eligibility checks or exclusion criteria. In an agent setting, this can cause the skill to run on loosely related requests and proceed into image generation and outbound delivery without sufficiently explicit user intent for those downstream actions.

Missing User Warnings

High (97% confidence)
Finding
The workflow includes sending the final image via Feishu to a named recipient, but the skill does not require a clear user warning or an explicit consent gate before exfiltrating generated content. Because the skill stores images locally and then performs an outbound transfer, accidental triggering or inclusion of sensitive user-provided text could result in unintended disclosure to an external channel.

Missing User Warnings

Medium (93% confidence)
Finding
The workflow explicitly transmits generated images through Feishu, an external communication channel, but provides no consent gate, data-classification check, or user-facing warning that content will leave the local workspace. This creates a real risk of unintended data exfiltration if prompts, generated images, or embedded text contain sensitive business, personal, or regulated information.

VirusTotal

64/64 vendors flagged this skill as clean.
