xiaohongshu
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The
scripts/generate_image.pyscript transmits prompts and configuration data to external third-party services (api.atlascloud.aiandapi.nanobananaapi.ai) to generate images. It also attempts to read sensitive API keys from environment variables and a hardcoded local file path (/Users/lifcc/Desktop/code/work/mutil-om/om-generator/.env), which exposes the author's local directory structure. - [COMMAND_EXECUTION]: The skill frequently uses the
Bashtool to execute local Python scripts (feed_database.py,generate_image.py) and complex command-line operations. This includes running Google Chrome in headless mode for screenshots and executing inline Python snippets that usePILandnumpyfor image processing. - [INDIRECT_PROMPT_INJECTION]: The skill's workflow involves fetching competitor post details (titles, content, analysis) directly from the Xiaohongshu platform to guide its own generation process. This creates a surface for indirect prompt injection where malicious instructions embedded in web content could influence the agent's output or behavior.
- [EXTERNAL_DOWNLOADS]: The skill downloads images from URLs provided by the image generation APIs and saves them to the local filesystem using the
requestslibrary.
Audit Metadata