XHS Writing Coach

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only Xiaohongshu writing coach with no executable behavior, but its AI-content labeling advice is internally inconsistent.

Reasonable to install for XHS writing assistance. Before relying on generated posts, check whether your platform or context requires AI-content labeling and override the stale 'no #AI生成内容' note when needed. Avoid putting private draft details into external search queries, and approve any updates to the skill's reference notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium (95% confidence)
Finding
The manifest says the skill includes 'AI内容合规标注提醒', which implies reminding users about AI-content compliance labeling. But the documented output contract says tags should contain 'no #AI生成内容 (user requested removal)', which directly conflicts with that stated compliance-oriented intent rather than merely omitting detail.

Natural-Language Policy Violations

Medium (89% confidence)
Finding
This markdown includes explicit Chinese-only query examples and prescribes Chinese title patterns and tags such as '别再...', '真正变的是...', and removal of '#AI生成内容'. That is a natural-language locale policy concern because the file directs a specific language/locale behavior without any opt-in or documented regional-compliance justification.

VirusTotal

64/64 vendors flagged this skill as clean.
