Skills
skills/erafat/skills/md-to-xhs-cards/Gen Agent Trust Hub

md-to-xhs-cards

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (LOW): The skill handles Xiaohongshu cookies via command-line arguments (--publish-cookie), environment variables (XHS_COOKIE), and .env files. While necessary for the publishing feature, this introduces a risk of credential exposure if logs or environment state are not properly secured.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires external Python packages pillow, xhs, and requests. These are standard libraries, but the xhs package is a third-party community library for interacting with the Xiaohongshu API, which should be vetted for supply chain integrity.
  • [COMMAND_EXECUTION] (LOW): The shell script scripts/run_md_to_xhs_cards.sh uses exec to run the primary Python logic. It also uses a dynamic Python snippet via heredoc to check for module availability. This is a standard wrapper pattern and does not appear to execute untrusted input directly in the shell.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes user-provided markdown files to generate images.
  • Ingestion points: scripts/run_md_to_xhs_cards.sh takes a file path as an argument.
  • Boundary markers: Absent; the content of the markdown file is processed directly.
  • Capability inventory: Image generation (Pillow) and network requests (XHS API).
  • Sanitization: Not explicitly implemented in the provided wrapper script.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 20, 2026, 01:40 AM