Back to skill

Security audit

Red Note Imitation Writing

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about what it does, but its stated purpose includes imitating viral posts while avoiding plagiarism or duplicate-detection systems.

Install only if you are comfortable sending your inputs to wsdsocial.com and you will use it for lawful, original marketing drafts. Avoid using it to launder copied posts, evade plagiarism or duplicate-detection systems, or violate Xiaohongshu/platform rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The skill description explicitly advertises generating differentiated content to 'avoid plagiarism detection,' which is an evasion objective rather than a legitimate writing aid. This materially increases abuse risk by facilitating content laundering, impersonation of organic posts, and circumvention of platform integrity controls.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The body instructs users to imitate viral posts' structure, style, and traffic logic while combining selling points to bypass duplicate detection, directly operationalizing deceptive content replication. In context, this is more dangerous because it targets social-media growth workflows, making large-scale spam, plagiarism evasion, and manipulative affiliate or commercial posting easier.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.