Security audit

Xiaohongshu Creator Marketplace (Pugongying) Creator Content Tags API

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform the advertised JustOneAPI lookup, but it handles the API token in ways that could expose it and should be reviewed before installation.

Install only if you trust JustOneAPI and can use a limited-scope or disposable token. Avoid running it on shared or heavily logged systems, prefer a revised helper that reads the token from a protected environment variable and uses header-based auth if supported, and rotate the token if it may have appeared in logs or process listings.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill sends the authentication token as a URL query parameter, which is commonly logged by clients, proxies, gateways, browser history, observability systems, and upstream servers. Even though the request uses HTTPS, query strings are frequently exposed in logs and error reports, making accidental credential disclosure materially more likely.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical

Code: suspicious.secret_argv_exposure
Location: SKILL.md:41