小红书爆款笔记生成器
PassAudited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill Name: xhs-viral-writer Version: 1.0.0 The skill is a legitimate tool for generating Xiaohongshu (Little Red Book) social media posts using the DeepSeek AI API. The code in `generate.js` retrieves an API key from environment variables or the local OpenClaw configuration file (`~/.openclaw/openclaw.json`) and sends requests only to the official `api.deepseek.com` endpoint. There is no evidence of data exfiltration, malicious execution, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or using the skill may consume the user’s DeepSeek account quota or billing through their configured API key.
The skill uses a DeepSeek API key from the environment or local OpenClaw configuration and sends it as a bearer token to DeepSeek.
let API_KEY = process.env.DEEPSEEK_API_KEY || ''; ... '.openclaw/openclaw.json' ... config.models?.providers?.deepseek?.apiKey ... 'Authorization': `Bearer ${API_KEY}`Use only with a DeepSeek key you intend to make available to OpenClaw, monitor usage, and prefer a scoped or dedicated API key if possible.
Any product, topic, or details included in the request are transmitted to DeepSeek for processing.
The user’s requested topic is placed into a prompt and sent to DeepSeek’s external chat-completions API.
hostname: 'api.deepseek.com', path: '/v1/chat/completions' ... { role: 'user', content: prompt }Avoid including private, confidential, or regulated information in prompts unless you are comfortable sending it to DeepSeek under its terms.