Security audit

Xiaohongshu Creator Marketplace (Pugongying) Follower Summary API

Security checks across malware telemetry and agentic risk

Overview

This is a narrow JustOneAPI wrapper, but it handles the user's API token in leak-prone ways that merit review before installation.

Review before installing if your JustOneAPI token has broad access or paid quota. The endpoint behavior appears narrow and disclosed, but the token may be exposed through command-line arguments and URL/query logging; prefer a version that reads the token directly from the environment and sends it using an Authorization header or other non-URL credential channel.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The manifest requires a user authentication token in a query parameter but provides no user-facing warning, handling guidance, or privacy disclosure. Passing secrets in query strings is risky because they are commonly exposed in logs, analytics, browser history, intermediary systems, and debugging tools, which can lead to credential leakage and unauthorized API access.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical

Code: suspicious.secret_argv_exposure
Location: SKILL.md:42