RedBookSkills

Fail

Audited by Snyk on May 30, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to include sensitive tokens (e.g., --xsec-token XSEC_TOKEN) and similar credential-like parameters directly in generated commands, requiring the LLM to handle/output secret values verbatim and creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). 在“内容检索与互动流程”中,运行时会通过 CDP 打开小红书页面并从 window.__INITIAL_STATE__/DOM/网络响应中提取他人发布的笔记与评论文本(如 list-feeds/search-feeds/get-feed-detail/profile-snapshot/notes-from-profile/get-notification-mentions),这些属于外部作者内容进入 LLM 上下文的间接提示注入风险。

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
May 30, 2026, 09:49 AM
Issues
2
Security Audit — snyk — RedBookSkills