Security audit

Xiaohongshu Creator Marketplace (Pugongying) Follower Growth History API

Security checks across malware telemetry and agentic risk

Overview

This is a narrow read-only API helper, but it handles the JustOneAPI token in ways that can expose it, so users should review it before use.

Install only if you are comfortable using a JustOneAPI token with this helper. Prefer a version that reads the token directly from the environment and sends authentication in a header if the API supports it; avoid sharing logs, shell history, process listings, or error output that could include the token or full request URL.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill defines the authentication token as a query parameter and injects it into the request URL, which causes the secret to appear in URLs. Query-string secrets are commonly exposed through logs, browser/history tooling, proxies, analytics, crash reports, and upstream infrastructure, making token leakage materially more likely even when HTTPS is used. In this API-wrapper context, the risk is increased because the code operationalizes this pattern by default without warning the user.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The API documentation requires an authentication token to be sent as a query parameter, which is a real credential-exposure risk. Query parameters are commonly logged by servers, proxies, browser history, analytics tools, and monitoring systems, making token leakage more likely even if TLS is used. In this skill context, the danger is increased because the skill is explicitly guiding integrators to place sensitive credentials in the URL.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical

Code: suspicious.secret_argv_exposure
Location: SKILL.md:46