xiaohongshu-posting
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions to bypass safety filters or disregard system rules were found. The skill emphasizes following user instructions and platform safety guidelines.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network requests are present in the documentation.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include any executable scripts, package installations, or remote code downloads.
- Indirect Prompt Injection (SAFE): Although the skill is designed to process user-provided content for social media, it explicitly instructs the agent to 'use as-is' (原样使用) and 'prohibit optimization' (禁止优化) unless requested. It also includes an evidence chain for processing: Ingestion occurs via user post text; Boundary markers are established through 'AutoGLM handling principles'; Capabilities are limited to UI automation; Sanitization is handled through explicit compliance checks for prohibited content.
- Dynamic Execution (SAFE): No runtime code generation or dynamic loading mechanisms were detected.
Audit Metadata