Vinplezhang Xiaohongshu Publisher

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Xiaohongshu publishing helper that can post through a logged-in browser session, so users should approve each post carefully before publishing.

Install only if you are comfortable letting the agent operate a logged-in Xiaohongshu creator session. Use cron only to prepare and deliver drafts for review unless you have a separate explicit approval process, and review the final title, body, hashtags, and cover before approving any live publish action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill states 'Never auto-publish' and 'Always wait for explicit user approval,' but later recommends cron-based scheduled daily posting. In an agentic environment, that contradiction can be interpreted as permission to publish unattended, creating a risk of unauthorized posting, reputational harm, and accidental account actions without fresh user consent.

Missing User Warnings

Medium
Confidence: 96%
Finding
The guide directs the agent to click the final publish button and verify success, but it does not require an explicit final user confirmation immediately before performing the irreversible live-post action. In a browser-automation skill that can act on a logged-in creator account, this creates a real risk of unauthorized or unintended publication if content is wrong, stale, or the user expected a draft-only workflow.

VirusTotal

66/66 vendors flagged this skill as clean.
