Skills
skills/autoclaw-cc/xiaohongshu-skills/xhs-content-ops/Gen Agent Trust Hub

xhs-content-ops

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local script at scripts/cli.py to perform its core functions. It defines multiple subcommands such as search-feeds, publish, and post-comment.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8).
  • Ingestion points: External data is ingested through the get-feed-detail and search-feeds commands which fetch user comments and note content.
  • Boundary markers: Absent; there are no delimiters or specific instructions to treat fetched content as untrusted data.
  • Capability inventory: The skill has the capability to execute network-bound commands including publish and post-comment using the local CLI script.
  • Sanitization: No sanitization or validation of the fetched external content is performed before the agent processes or analyzes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 07:36 AM