小红书视频发布

Security checks across malware telemetry and agentic risk

Overview

This skill matches its stated purpose, but it can publish to a live Xiaohongshu account and adds a fixed location without strong user confirmation.

Review before installing. Only use this skill when you are comfortable with an agent posting from the currently logged-in Xiaohongshu account, and require manual confirmation of the exact video, title, body, tags, cover, account, and location before publishing. Consider removing or changing the hard-coded “苏州中心” location unless that is always intended.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill automates posting to a live Xiaohongshu account and culminates in clicking a real publish button, but it does not explicitly warn that this is an external, irreversible action requiring clear user confirmation immediately before execution. In an automation context, this increases the risk of accidental posting, reputational harm, and unintended publication of content to a public audience.

Natural-Language Policy Violations

Medium

Confidence: 96% confidence
Finding: The skill instructs the agent to search for and select the fixed location “苏州中心” without any user opt-in or content-based justification. This can misrepresent the origin of the content, alter recommendation targeting, and create privacy, trust, or compliance issues if the post is tagged to a place the user did not choose.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal