ClawHub

小红书爆款标题生成器 XHS Title Pro

Security checks across malware telemetry and agentic risk

Overview

This title-writing skill is mostly coherent, but it asks for broad local file read/write access and describes ongoing memory without clear limits.

Review before installing. The title-generation behavior itself appears benign, but prefer a version that removes broad Read/Write access or clearly limits it to user-selected files and confirms writes. Avoid sharing sensitive campaign, client, or audience details unless you are comfortable with the skill's stated personalization memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly says it will remember the user's content domain, target audience, and preferred title style, but provides no disclosure about whether that information is stored, for how long, or how it is reused. This creates a privacy and transparency risk because users may share sensitive business, personal, or demographic information under the assumption it is only used transiently for the current request.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The Learning & Memory section repeatedly instructs the agent to remember user preferences, effective formulas, and feedback, implying ongoing storage and reuse of user-provided data without notice or consent. This is dangerous because it normalizes silent profiling and behavioral data retention across sessions, which can violate user expectations and privacy requirements.

Ssd 3

Medium
Confidence
95% confidence
Finding
These natural-language instructions direct the agent to retain user-provided information across interactions, including content domain and user-profile preferences. Persistent memory of such data can expose personal preferences or sensitive contextual details beyond the immediate task, especially when no boundaries, minimization, or consent mechanism are defined.

Ssd 3

Medium
Confidence
98% confidence
Finding
The skill's Learning and Memory section instructs persistent collection and reuse of user preferences and feedback in plain language, effectively encouraging cross-session profiling. In the context of a content-generation tool, users may share niche, personal, or commercially sensitive details, making undisclosed retention more risky rather than less.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal