Xiaohongshu Auto Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill transparently automates Xiaohongshu posting, but users should protect the saved login session like a password.

Install only if you are comfortable giving this skill posting authority for your Xiaohongshu account. Keep state.json private, delete it when you no longer want reuse of the session, and run it in an isolated environment with reviewed title, caption, and media paths.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script saves Playwright authentication/session state to a predictable local file (`state.json`) after login, which can include cookies and other bearer-session artifacts. Anyone with access to that file may be able to reuse the authenticated Xiaohongshu session without needing the user's credentials, and the script provides no warning, consent flow, or protection around this persistence.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal