xiaohongshu-skills

Fail

Audited by Snyk on Mar 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill's examples and commands require passing tokens/credentials (e.g., --xsec-token XSEC_TOKEN, feed IDs, cookies) as command-line arguments, which would force the LLM to embed secret values verbatim into generated commands/outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflows (e.g., the xhs-explore and xhs-content-ops SKILL.md files) explicitly call CLI commands such as search-feeds and get-feed-detail to fetch and read Xiaohongshu posts and comments (user-generated content). The publish skill also includes a "URL 提取模式" (URL extraction mode) that uses WebFetch to retrieve arbitrary webpages and images. The fetched third-party content is then used to decide actions (summarize, choose posts to favorite/comment/publish), which meets all criteria for indirect prompt-injection risk.

Audit Metadata
Risk Level: HIGH
Analyzed: Mar 16, 2026, 11:39 PM
Issues: 2