xiaohongshu-recruiter
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The Python script
scripts/publish_xiaohongshu.pyutilizessubprocess.Popento launch the Google Chrome or Chromium executable to facilitate browser automation. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of external dependencies, including the
playwrightPython package, thecanvasNode.js package, and browser drivers viaplaywright install chromium. - [DATA_EXFILTRATION]: The script
scripts/publish_xiaohongshu.pycreates and manages a persistent browser profile located at~/.aionui/xiaohongshu-chrome-profile. This directory stores sensitive information, including authentication cookies and session data for the Xiaohongshu platform, allowing for persistent access. - [PROMPT_INJECTION]: The skill implements a 'Simplified Mode' where the agent is instructed to automatically generate recruitment copy and publish it to Xiaohongshu with 'one click'. This creates an attack surface for indirect prompt injection, as model-generated content derived from user instructions is submitted to a third-party platform without a mandatory human review step to verify the content.
Audit Metadata