ClawHub

Xiaohongshu (RedNote) API

Security checks across malware telemetry and agentic risk

Overview

This is a coherent read-only Xiaohongshu API wrapper, with a real but disclosed credential-handling caution around sending the JustOneAPI token in query parameters.

Install only if you trust JustOneAPI with your API token and the Xiaohongshu searches, note IDs, user IDs, comment IDs, cursors, or share links you submit. Keep the token in an environment variable, avoid exposing command logs or full request URLs, and rotate the token if it appears in logs or shared output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill explicitly defines the API access token as a query parameter, which causes the credential to be embedded in the URL. Query-string credentials are routinely exposed via logs, browser/history tooling, proxies, monitoring systems, and upstream server access logs, making accidental token disclosure materially more likely.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script builds and issues outbound requests using user-supplied values including tokens, note/user IDs, comments, and share URLs without any warning, confirmation, or minimization controls. While network access is expected for an API client, the lack of disclosure increases the risk that operators unknowingly transmit sensitive or private data to a third-party service.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The manifest requires an access token to be sent to a third-party service and presents it as a query parameter, without any user-facing disclosure about credential handling, logging exposure, or outbound transfer. Query-string credentials are especially risky because they are commonly retained in logs, analytics, browser histories, and intermediary infrastructure, increasing the chance of token leakage.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation repeatedly instructs callers to pass a sensitive access token together with user IDs, note IDs, comment IDs, and share URLs in query parameters, but provides no warning about secure handling, logging exposure, or privacy implications. Query-string credentials are commonly captured in logs, browser history, analytics, proxies, and monitoring systems, which increases the chance of accidental token leakage and unauthorized API use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal