小红书运营助手

Security checks across malware telemetry and agentic risk

Overview

This Xiaohongshu helper appears coherent and read-only, but its broad trigger words could make it activate unintentionally.

Install only if you are comfortable with the agent querying qianhaistonepark.site for Xiaohongshu lookups. Use explicit requests when invoking it, and avoid sharing sensitive private account or note content unless you trust the external service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding: Using the very broad trigger phrase '小红书' creates a substantial risk of unintended skill activation during normal user conversation about the platform, even when the user did not intend to invoke this skill. That can cause unexpected outbound requests to the third-party service and expose user context to the skill unnecessarily.

Vague Triggers

Medium
Confidence: 97%
Finding: The trigger 'xhs' is extremely short and ambiguous, making accidental activation likely in unrelated contexts such as abbreviations, variable names, or mixed-language text. In an agent environment, such collisions can silently route user input into this skill and trigger network activity without clear user intent.

VirusTotal

64/64 vendors flagged this skill as clean.
