Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Xiaohongshu (小红书) Automation
v1.0.0
Automate Xiaohongshu (RedNote) content operations using a Python client for the xiaohongshu-mcp server. Use for: (1) Publishing image, text, and video content, (2) Searching for notes and trends, (3) Analyzing post details and comments, (4) Managing user profiles and content feeds. Triggers: xiaohongshu automation, rednote content, publish to xiaohongshu, xiaohongshu search, social media management.
⭐ 146 · 29.7k · 281 current · 300 all-time
by @borye
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the actual behavior: the SKILL.md and bundled Python client call a local xiaohongshu-mcp server to search, read details, fetch feeds, and publish posts. Requiring the MCP server and a login tool is coherent with a Xiaohongshu automation skill.
Instruction Scope
Instructions are narrowly scoped to downloading the MCP binaries, logging in via QR, running a local server on http://localhost:18060, and using the provided Python client to call that local API. They do not instruct reading unrelated files, environment variables, or sending data to external endpoints beyond GitHub for downloads and localhost for the MCP API. However, the skill requires performing an account login via a third‑party binary that will manage your session tokens (xsec_token/feed IDs are used), which is sensitive — the instructions correctly surface this but you should review the server/binaries and their trustworthiness before use.
Install Mechanism
There is no automated install spec; the README instructs manual download of binaries from GitHub Releases (a standard release host). Manual install lowers automation risk but still requires executing third‑party binaries (granting execute permission). That is an expected mechanism for this skill but carries the usual risks of running unsigned/unreviewed binaries.
Credentials
The skill declares no environment variables, no credentials, and no config paths — which is consistent with a design that relies on a locally running server and on-session tokens obtained via the login tool. There are no unrelated credentials requested.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges or make changes to other skills. It only instructs running a local server the user must start; there is no indication it modifies agent configuration or installs persistent agents.
Assessment
This skill is coherent for automating Xiaohongshu via a local MCP server, but it requires you to download and run third‑party binaries that manage your account session. Before installing/using: (1) Verify the GitHub repository and release artifacts are the official project and inspect release signatures or checksums if available; (2) Prefer building the server from source or reviewing source code if possible rather than running prebuilt binaries; (3) Use a throwaway/test Xiaohongshu account (not your primary) while testing — QR logins and session tokens can grant full account access; (4) Run the binaries in an isolated environment/container and monitor network/activity; (5) Review the full scripts/xhs_client.py file (the manifest snippet in the skill was truncated in this package review) to ensure there are no hidden/exfiltration behaviors. If you cannot validate the binaries' provenance, avoid using sensitive accounts with this skill.
Like a lobster shell, security has layers — review code before you run it.
latest vk974vsxvbcnqzayc1x45ffyjs180bbr1
