Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Xiaohongshu Publishing
v1.0.0 · Automatically publishes content to the Xiaohongshu platform. Supports publishing image-and-text posts, checking login status, and fetching a login QR code. Use cases: automated Xiaohongshu content publishing, batch publishing, scheduled publishing, and similar workflows.
⭐ 0 stars · 374 downloads (0 current · 0 all-time)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (automated Xiaohongshu publishing) aligns with the code and instructions: the scripts post to a local MCP service on localhost:18060 and provide publish/check features. However, SKILL.md requires a Windows binary (xiaohongshu-mcp-windows-amd64.exe) and the mcporter CLI, but the registry metadata declares no required binaries/env — this mismatch is unexpected and should have been declared in metadata.
Instruction Scope
Runtime instructions and scripts only interact with local resources: they read image files, call a localhost HTTP endpoint (/mcp), and output console logs. There is no obvious network exfiltration to remote hosts beyond localhost. Two issues: SKILL.md suggests running node scripts/login.js to get a QR code, but no login.js is present in the package; and several example posts reference absolute local paths under the author's workspace, which may not exist for an installer. These are scope/integrity problems (missing file and hard-coded paths), not direct evidence of exfiltration.
Install Mechanism
This is instruction-only from the skill registry (no install spec), so nothing is automatically downloaded by the skill bundle. However, the instructions require the user to obtain/run a third-party Windows executable (xiaohongshu-mcp-windows-amd64.exe) and to install mcporter globally (npm). The skill points to a GitHub repo for 'xiaohongshu-mcp' which is the likely source — the user must manually vet and obtain that executable. Relying on an external unsigned .exe introduces risk if the binary's provenance is not confirmed.
Credentials
The registry lists no required environment variables or credentials, and the code communicates with a local MCP endpoint rather than remote APIs that would need service keys. References/config.md mentions an MCP_URL env var as optional. No secret/credential requests are present in code or metadata. This is proportionate, but the metadata omission (not declaring required tools/binaries) reduces transparency.
Persistence & Privilege
The skill does not request permanent presence (always: false) and does not modify other skills or system-wide settings. It is user-invocable and can be run by the agent; autonomous invocation is allowed by default but is not combined with other high-risk flags here.
What to consider before installing
Before installing or running this skill:
1) Understand it depends on a separate MCP server binary (xiaohongshu-mcp-windows-amd64.exe) and the mcporter CLI — these are not installed by the skill and are not declared in the registry metadata. Only obtain the MCP executable from a trusted source (the SKILL.md links to a GitHub repo; review that repo and its releases carefully).
2) Note that SKILL.md references node scripts/login.js to get a QR code, but login.js is not included — expect missing functionality or manual login steps.
3) The scripts operate on local image files and talk only to localhost:18060; they do not request external credentials, but you should verify the MCP server's behavior and permissions before running an untrusted .exe (it could perform network or privileged actions).
4) Remove or inspect hard-coded absolute paths in example files before running (they reference the original developer's workspace).
5) If you need this skill, prefer to manually install and run the MCP server after auditing its code/binaries; if you cannot verify the MCP binary/source, do not run it.
If you want a cleaner integration, ask the skill author to: declare required binaries/env in metadata, include a login.js if referenced, and avoid hard-coded user-specific paths.
Version: latest (vk976nhr0htq85ad0p4r8g3bcdn823r3t)
