Xiaohongshu Content Creator

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Xiaohongshu writing helper with minor routing and language usability caveats, but no code, hidden actions, account access, or data access.

Safe to install from a security perspective. Be aware that generic Chinese trigger words may make it appear for broad writing prompts, and review any generated marketing copy for accuracy, platform rules, and brand fit before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger list includes broad, common terms such as '筆記', '爆款', and '小紅書文案', which can match ordinary user requests and cause the skill to activate when not specifically intended. This can lead to inappropriate routing, prompt-context contamination, or reduced reliability of the broader agent system, even though the skill itself is not directly malicious.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
The description is written to strongly imply Chinese-language output and behavior without indicating any language negotiation or user preference check. In a multi-language agent environment, this can cause unexpected language switching, degrade usability, and increase the chance of misaligned responses, though it is not a direct security compromise on its own.

VirusTotal

64/64 vendors flagged this skill as clean.
