Xiaohongshu RedNote XHS Insights MCP

Security checks across malware telemetry and agentic risk

Overview

This plugin is a disclosed read-only bridge to a hosted SocialDataX MCP service for Xiaohongshu/RedNote research, with no evidence of hidden persistence, destructive behavior, or unrelated access.

Install only if you trust SocialDataX and are comfortable sending XHS/RedNote research queries, URLs, IDs, and your SOCIALDATAX_API_KEY to the declared hosted endpoint. Avoid using sensitive private research terms unless that external service is acceptable for your workflow.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: This plugin forwards user-supplied inputs such as keywords, note URLs, profile URLs, user IDs, and comment IDs to a hard-coded third-party remote MCP endpoint while also attaching a bearer API key from the environment. Even though this appears to be the intended design of a hosted forwarding plugin, the code provides no consent prompt, domain allowlist configurability, or data-minimization safeguards, so sensitive research queries and credentials are exposed to an external service by default.

Unpinned Dependencies

Low

Category: Supply Chain
Content: } }, "dependencies": { "@modelcontextprotocol/sdk": "^1.29.0" }, "files": [ "openclaw.plugin.json",
Confidence: 80% confidence
Finding: "@modelcontextprotocol/sdk": "^1.29.0"

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal