ClawHub
Back to skill

Security audit

Xiaohongshu Creator Marketplace (Pugongying) Similar Creators API

Security checks across malware telemetry and agentic risk

Overview

This is a focused JustOneAPI helper that does what it claims, with a credential-handling caveat because the API token is sent as a query parameter.

Install only if you are comfortable using a JustOneAPI token for this endpoint. Use a narrowly scoped or easily revocable token if available, avoid sharing command output or request URLs, and rotate the token if you think logs or monitoring may have captured it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill requires the authentication token as a query parameter and then appends it to the URL before issuing the request. Query-string secrets are commonly exposed through logs, browser/history tooling, proxy and CDN logs, monitoring systems, error reports, and referrer leakage, so this increases the chance of credential disclosure even when HTTPS is used.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This manifest requires a token to be sent as a query parameter to an external service, but provides no user-facing warning or consent language about transmitting credentials off-platform. Query-string tokens are especially risky because they may be logged by clients, proxies, gateways, and server access logs, increasing the chance of credential leakage or unintended disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical
Code
suspicious.secret_argv_exposure
Location
SKILL.md:42