Back to skill

Security audit

Xiaohongshu Search Suggest Keywords Collection

Security checks across malware telemetry and agentic risk

Overview

This skill is a small Xiaohongshu keyword-suggestion automation guide, but it includes guidance for evading anti-bot protections such as CAPTCHA.

Review before installing. The skill appears to be documentation-only and purpose-aligned for keyword research, but do not use it to bypass CAPTCHA or other platform protections. Use an isolated browser profile, avoid logged-in sessions unless you intentionally accept the account risk, and assume submitted keywords plus browser/network metadata may be visible to Xiaohongshu.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill performs browser automation against an external website and transmits user-provided keywords to xiaohongshu.com, but the documentation does not clearly warn users that network activity, third-party data disclosure, and possible tracking or account/session interactions will occur. This is dangerous because operators may run the skill assuming it is local-only research tooling, exposing sensitive keywords, IP/device fingerprints, cookies, or authenticated browser context to a third party without informed consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The file explicitly recommends anti-crawling evasion techniques such as using a realistic user agent, inserting random delays, and running non-headless to bypass CAPTCHA. In a browser-automation scraping skill, this materially increases misuse potential by helping operators avoid platform defenses and proceed without any compliance, authorization, or account-risk guidance.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.