Security audit

Xiaohongshu Creator Marketplace (Pugongying) Cost Effectiveness Analysis API

Security checks across malware telemetry and agentic risk

Overview

This is a focused JustOneAPI wrapper, with no hidden persistence or local data access, but it needs careful token handling.

Install only if you trust JustOneAPI with the queried Xiaohongshu userId and your API token. Use a scoped or revocable token when possible, avoid running the example in shared shells or logging-heavy environments, and do not paste token values into chat, logs, screenshots, or client-side code.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (3)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs sending a `userId` to an external third-party API but does not warn the user that an identifier will be transmitted off-platform. Even if `userId` is not always highly sensitive on its own, it can still constitute personal or account-linked data and may create privacy, consent, and compliance issues when silently shared with an external service.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill requires a sensitive authentication token as a query parameter and provides no warning that this credential will be transmitted to an external service. Query parameters are commonly logged by clients, proxies, and servers, increasing the risk of credential exposure and unauthorized API access if the token is captured.

Missing User Warnings

Low

Confidence: 89% confidence
Finding: The documentation exposes that the API requires an authentication token in a query parameter but does not warn about secure handling, logging exposure, or privacy risks around the token and userId. Query-string credentials are especially prone to leakage via logs, analytics, browser history, proxies, and referrer headers, so omitting guidance can lead downstream integrators to handle sensitive data unsafely.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical

Code: suspicious.secret_argv_exposure
Location: SKILL.md:41