critical
suspicious.secret_argv_exposure
- Location
- SKILL.md:49
- Finding
- Instructions pass high-value credentials through process argv.
Advisory. Audited by static analysis on May 10, 2026.
Detected: suspicious.secret_argv_exposure
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A leaked JustOneAPI token could let someone else use the user’s API account or consume paid quota.
The skill instructs the agent to pass the API token as a command-line argument. Once the shell expands it, that token can be visible to local process inspection, command telemetry, or logs:

    node {baseDir}/bin/run.mjs --operation "getNoteCommentV2" --token "$JUST_ONE_API_TOKEN" --params-json '{"noteId":"<noteId>"}'

Prefer a helper that reads JUST_ONE_API_TOKEN directly from the environment or stdin instead of accepting it on argv; rotate the token if it may have been exposed.