xiaohongshu-note-detail
Fail
Audited by Snyk on Jun 13, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly requires the xsecToken to be inserted verbatim into navigation URLs and script parameters (e.g., navigate https://...?xsec_token={xsecToken}), which forces the LLM to handle/output a sensitive token value directly.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). The skill navigates to a Xiaohongshu note detail page and then runs
extract-note-detail.py/extract-note-comments.py, which readwindow.__INITIAL_STATE__.note.noteDetailMap—this Vue state contains outsider-authored free text (the note body and commenters’content) rendered from the public site at runtime.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata