Back to skill

Security audit

Maxhub Xigua

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only Xigua/MaxHub data lookup skill, but users should treat API keys, cookies, comments, and video links carefully.

Install only if you trust MaxHub/aconfig.cn with your API key and the IDs, keywords, URLs, and any optional cookies you provide. Avoid passing production session cookies, minimize saved comment data, and use video playback links only for authorized analysis or archival purposes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The primary skill description states that user-supplied IDs, keywords, URLs, and optional cookies or tokens may be transmitted to a third-party service at `https://www.aconfig.cn`, but the warning is not prominent at the top-level capability description. In an agent ecosystem, this can lead users or upstream orchestrators to provide high-sensitivity credentials or identifiers without fully understanding that they will leave the local environment, increasing the risk of credential exposure, unauthorized third-party processing, and privacy non-compliance.

Missing User Warnings

Low
Confidence
81% confidence
Finding
The usage scenarios explicitly encourage bulk collection, database building, and comment harvesting, including UGC that may contain personal information, without repeating strong privacy and authorization constraints in the operational examples. In context, this makes misuse more likely because the skill is designed for large-scale external data transfer to a third-party API, so users may normalize collecting and storing personal or sensitive comment data without appropriate minimization, consent, or retention controls.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger set for fetching play URLs includes broad phrases such as '下载视频' and '视频地址', which can match user requests that are not clearly asking for direct media extraction. In this skill, that ambiguity is more sensitive because the recipe returns a playback URL, which can enable direct retrieval or redistribution of video content beyond ordinary metadata lookup.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.