小红书数据分析

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Xiaohongshu analytics skill that uses a declared API key for read-only market data lookups, with no executable code or persistence.

Before installing, confirm who operates the Xiaohongshu data API, what base URL is used, and how query data is retained. Use a revocable, limited XHS_API_KEY and avoid submitting confidential campaign plans unless you are comfortable sharing them with that provider.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The README says users can 'directly describe your problem' and that the skill will 'automatically fetch relevant data,' but it does not define clear invocation boundaries or approved use cases. In an agent setting, overly broad triggers can cause the skill to be invoked for loosely related prompts, leading to unnecessary third-party API calls, unintended use of the provided API key, and disclosure of user queries to an external service.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The README mentions needing an API key but does not clearly warn that the skill will automatically call an external data service and transmit user requests there. This weakens informed consent and can expose sensitive business questions, brand plans, or other prompt contents to a third party without the user fully understanding that data egress will occur.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal