ClawHub
Back to skill

Security audit

Xiaohongshu Creator Marketplace (Pugongying) Creator Feature Tags API

Security checks across malware telemetry and agentic risk

Overview

This is a focused API helper, but it sends and passes the API token in ways that can expose it outside the intended request.

Review before installing. Use only a scoped or short-lived JustOneAPI token, avoid running it where command lines or full request URLs are logged, and rotate the token if you suspect exposure. The skill does not show malicious behavior, but its credential handling deserves user attention.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill defines the authentication token as a query parameter and later appends all query parameters directly into the URL. Query-string tokens are commonly exposed through logs, browser history, proxies, monitoring systems, referrer leakage, and error reporting, making credential disclosure more likely than header-based authentication. In this skill context, the risk is real because the script is a generic API wrapper and provides no warning to users that secrets will be placed in the request URL.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation instructs consumers to supply a user authentication token as a query parameter but provides no warning about credential sensitivity, logging exposure, or privacy handling. Query parameters are commonly captured in logs, analytics, browser history, proxies, and monitoring systems, so encouraging token transmission this way can increase the chance of accidental credential disclosure.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical
Code
suspicious.secret_argv_exposure
Location
SKILL.md:41