Back to skill
Skillv1.0.0
ClawScan security
小红书爆款笔记写作 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 28, 2026, 10:13 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only template for writing Xiaohongshu (RED) posts; its requirements and runtime instructions match the stated purpose and it does not request credentials or install code.
- Guidance
- This skill is internally coherent and appears to be a safe, offline writing template. Before installing or enabling autonomous use: 1) Review outputs before publishing — the templates can encourage persuasive or emotionally targeted wording, so check for accuracy, tone, and ethics. 2) Be cautious about the referenced 'xiaohongshu-publish-SKILL' — inspect that skill's permissions and any credentials it requires before linking them. 3) Avoid directly copying the provided example text verbatim to prevent plagiarism; use it as structural inspiration. 4) If you allow autonomous invocation, restrict publishing actions or require explicit confirmation to prevent accidental posting.
Review Dimensions
- Purpose & Capability
- okName/description (generate high-engagement Xiaohongshu notes) match the SKILL.md content (templates, checklists, examples). The skill requests no unrelated binaries, env vars, or config paths.
- Instruction Scope
- noteInstructions are limited to writing templates, examples, and a publish step. They do not instruct reading files, accessing secrets, or contacting external endpoints. One notable line: '发布(使用 xiaohongshu-publish-SKILL)' references another publishing skill but that dependency is not declared here — using that other skill could cause network calls and require credentials, so review that target skill before enabling autonomous publishing.
- Install Mechanism
- okNo install spec and no code files — instruction-only, so nothing is written to disk or downloaded during install.
- Credentials
- okNo environment variables, credentials, or config paths are requested. There is no disproportionate credential access for the stated purpose.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system presence or modify other skills. Model invocation is allowed (default) but that is normal and not combined with other red flags.