Xiaohongshu Longpost Auto

Security checks across malware telemetry and agentic risk

Overview

This skill clearly aims to automate Xiaohongshu posting, but it can publish publicly and make originality declarations without a required final user approval step.

Install only if you are comfortable letting an agent operate a logged-in Xiaohongshu creator account. Before use, require a draft or preview and explicitly approve the final title, body, images, tags, originality declaration, destination account, and live publish action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium (95% confidence)
Finding
The skill claims that only QR-code login needs manual action, yet it also automates legally and reputationally significant actions such as declaring content as original and publishing to the user's account. This misrepresents the true scope of automation and can cause users to authorize actions they did not meaningfully review or approve.

Missing User Warnings

Medium (97% confidence)
Finding
The skill performs end-to-end automated posting, including the final publish click, without an explicit confirmation gate immediately before content is posted. In the context of a social-media publishing workflow, this is dangerous because it can post unwanted, noncompliant, or incorrect content directly to the user's public account.

Missing User Warnings

Medium (91% confidence)
Finding
The skill advertises AI-generated images, content optimization, and tag generation as part of an automated pipeline, but does not clearly warn that generated material may be uploaded under the user's identity. That creates a risk of inaccurate, infringing, or policy-violating content being published without informed user review.

VirusTotal

66/66 vendors flagged this skill as clean.
