小红书爆款笔记查询

Security checks across malware telemetry and agentic risk

Overview

This Xiaohongshu search skill is mostly coherent, but it needs review because it can create recurring calendar reminders and writes browser-openable HTML from external data without enough sanitization.

Install only if you are comfortable using a Redfox API key and sending Xiaohongshu search queries to redfox.hk. Treat generated HTML reports as untrusted browser content, and create subscriptions only when you intentionally want recurring reminders and know how to remove them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The skill is described as a search tool, but the documentation adds a separate subscription and calendar-creation workflow. This is a scope expansion vulnerability because it enables side-effecting actions on the user's behalf that were not disclosed in the manifest description, increasing the chance of unexpected persistence, scheduling abuse, or consent confusion.

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: User-supplied keywords, dates, and pagination parameters are sent to an external service without any explicit disclosure in the skill behavior shown here. In a search tool, this is functionally expected, but it still creates a privacy/data-handling risk because user queries may contain sensitive business or personal information that is transmitted off-platform.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal