Skills
skills/allinherog-star/ai-skills/xhs-sentiment-dashboard/Gen Agent Trust Hub

xhs-sentiment-dashboard

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/run.py uses the standard Python urllib library to perform HTTP requests to the ai-skills.ai backend. It does not execute shell commands or use dynamic execution functions like eval() or exec().
  • [DATA_EXFILTRATION]: The skill transmits the user-provided Xiaohongshu link to the ai-skills.ai domain for analysis. This behavior is the primary purpose of the skill and is explicitly disclosed in the SKILL.md frontmatter and description. No unauthorized access to local sensitive files or environment variables was found.
  • [CREDENTIALS_UNSAFE]: The skill requires an API key for authentication, which is retrieved from the AISKILLS_API_KEY environment variable and passed in the X-API-Key request header. No hardcoded secrets or sensitive credentials were found in the codebase.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 08:58 AM