Security audit

Xiaohongshu Collector

Security checks across malware telemetry and agentic risk

Overview

This is a narrow instruction-only skill for a local Xiaohongshu collector workflow, with sensitive cookie use and refresh replacement behavior disclosed and aligned to its purpose.

Install this only for work on the intended local Xiaohongshu collector repo. Treat data/xiaohongshu-cookie.txt as a private session credential, do not share it in chat, and confirm refresh targets or keep backups if replacing existing collected rows matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The workflow explicitly directs reading a saved cookie from `data/xiaohongshu-cookie.txt`, which is sensitive credential material. Although the file notes the cookie is sensitive and should not be echoed, it does not warn the user that the skill will access stored authentication data as part of execution.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The markdown states that refresh mode must delete old note rows before writing new ones, which is a destructive operation affecting stored data. The file does not provide a clear warning that refresh replaces existing records or recommend confirmation/backups before deletion.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.