xiaohongshu-crawler
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill transmits search keywords and an API key to the vendor's API at
https://redfox.hk/story/api/xhs/crawl/work. This communication is a core requirement for the skill's content retrieval functionality and is directed at the author's official infrastructure. - [COMMAND_EXECUTION]: The skill involves the execution of local Python scripts,
scripts/crawl_xhs.pyandscripts/generate_report.py, to interact with the API and process data for the user. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: Data such as post titles, descriptions, and metadata are retrieved from the external Xiaohongshu API in
scripts/crawl_xhs.pyand passed into the agent's context. - Boundary markers: Results are displayed using structured markdown tables to isolate external data from the agent's instructions.
- Capability inventory: The skill has the capability to write and save files locally via
scripts/generate_report.py. - Sanitization: The report generation process utilizes HTML escaping and JSON serialization to ensure that external content is handled securely.
- [DYNAMIC_EXECUTION]: The
scripts/generate_report.pyscript creates HTML files by merging JSON data with a local template. This is done through standard string substitution and does not involve the execution of untrusted code at runtime.
Audit Metadata