ClawHub

Xiao Hong Shu Video Analyser

Security checks across malware telemetry and agentic risk

Overview

This skill performs a disclosed Xiaohongshu video download and cloud transcription workflow, with privacy-sensitive but purpose-aligned handling of audio and a Poe API key.

Install only if you are comfortable with downloaded video/audio and extracted speech being stored locally and audio chunks being uploaded to Poe/Gemini using your Poe API key. Avoid using it for private, confidential, copyrighted, or legally sensitive videos unless that third-party processing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill invokes shell commands and performs network access, but the manifest does not declare corresponding permissions or capabilities. This reduces transparency and prevents users or the platform from making an informed trust decision before execution.

Tp4

High
Category
MCP Tool Poisoning
Confidence
98% confidence
Finding
The skill’s documented purpose understates important behaviors: it reads API credentials from local config/environment, uploads extracted audio to Poe, stores local copies of media/transcripts, and may use alternate download tooling. This mismatch can cause users to expose sensitive media content and secrets under assumptions that the skill is only doing local analysis.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The script reads a Poe API key from ~/.openclaw/openclaw.json without clearly limiting scope to this skill or obtaining explicit user consent. That behavior reaches beyond the stated purpose of analyzing a Xiaohongshu URL and can cause unintended credential use, especially if the user did not expect this skill to access local configuration secrets.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill does not clearly warn users that audio extracted from the provided video is sent to an external cloud transcription API. Audio may contain personal, confidential, or copyrighted material, so silent upload creates a privacy and compliance risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script uploads extracted audio chunks to api.poe.com for transcription, but the workflow only presents this as a processing step and does not clearly warn the user that private media content will leave the local machine. If the video contains personal, copyrighted, or sensitive speech, this can create a confidentiality and compliance risk.

External Transmission

Medium
Category
Data Exfiltration
Content
"models": {
    "providers": {
      "poe": {
        "baseUrl": "https://api.poe.com/v1",
        "apiKey": "YOUR_POE_API_KEY"
      }
    }
Confidence
93% confidence
Finding
https://api.poe.com/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal