Back to skill

Security audit

Xiaohongshu Deep Research

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for Xiaohongshu research, but it uses a logged-in account and saves crawled data locally without clear privacy, retention, or user-control warnings.

Review before installing. Use a dedicated Xiaohongshu account if possible, confirm exactly what the local MCP service can access, avoid sensitive search terms, and periodically delete or relocate saved raw crawl data. Do not let an agent interpolate untrusted keywords into shell commands unless they are safely quoted or passed through structured JSON tooling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly stores crawled raw post data, generated summaries, and metadata under a local directory, but does not warn the user that potentially sensitive research inputs and collected platform data will persist on disk. This creates privacy and data handling risk because local files may be exposed to other users, backups, sync tools, or later misuse without the user's awareness.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill requires a logged-in Xiaohongshu account and performs crawling/searching of platform content, but it does not present a privacy or account-use warning to the user. That omission is risky because users may not realize their authenticated session is being used for automated collection, which can expose account activity, trigger platform enforcement, or create compliance and consent issues.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.