Security audit

Xiaohongshu Creator Marketplace (Pugongying) Data Summary API

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned, but users should treat its marketplace token carefully because it is passed in a URL query string.

Install only if you are comfortable providing a marketplace token. Use a scoped and revocable token if available, avoid sharing or logging generated URLs, and rotate the token if it appears in logs, browser history, screenshots, or support bundles.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill requires an authentication token as a query parameter and then appends it into the URL. Query-string secrets are routinely exposed through logs, browser/history records, monitoring systems, proxies, and error telemetry, making token leakage more likely than if the token were sent in an Authorization header. In this skill’s context, the issue is more serious because the token is the primary credential for accessing creator marketplace data.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical

Code: suspicious.secret_argv_exposure
Location: SKILL.md:43