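Xiaohongshu Login
v1.0.0
Xiaohongshu MCP login flow. Use this skill when the user needs to log in to Xiaohongshu, when the Xiaohongshu login has expired, or when a Xiaohongshu login QR code is needed.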
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to implement Xiaohongshu MCP login (check status, get QR, reset). That purpose is plausible for the commands shown (mcporter calls). However the SKILL.md also uses Node.js code, a 'read' tool, and a 'message ... channel=feishu' command to transmit files. The skill metadata declares no required binaries, runtimes, or credentials, so the run-time assumptions (Node, read, Feishu messaging) are not reflected in requirements — this is an inconsistency.
Instruction Scope
Instructions tell the agent to run mcporter commands, use a Node.js execSync snippet to parse output with a regex, write a PNG to a hard-coded user path (/Users/chen/.openclaw/workspace/xhs_login.png), display it via a local 'read' tool, and optionally send it to Feishu. These steps include file I/O on a user home path and an instruction to transmit a local file externally; the SKILL.md gives the agent broad discretion (execSync with shell) and uses brittle regex-based parsing that could mis-handle output. The skill also assumes tools and credentials not declared.
Install Mechanism
No install spec and no code files: instruction-only skill (lowest installer risk). Nothing is being downloaded or written by an installer step.
Credentials
The skill declares no required environment variables or primary credential, yet the instructions rely on services (Feishu messaging) that typically require credentials, and on mcporter being available and authenticated. It also uses a hard-coded file path under a specific user account ('chen') which is environment-specific and may improperly access or overwrite user files. The lack of declared credentials for external transmission is disproportionate to the stated purpose.
Persistence & Privilege
always is false and the skill is user-invocable; there is no request for persistent, always-on presence or modification of other skills/system-wide settings. The skill does write a file to disk during operation, but that is a normal runtime action for this flow.
What to consider before installing
Before installing/using this skill, verify the execution environment and confirm assumptions: (1) Ensure mcporter is available and authenticated in your environment — the skill relies on mcporter calls. (2) The SKILL.md expects Node.js (child_process.execSync) and a local 'read' tool; the skill metadata does not declare these — provide or adapt them or request the author to declare requirements. (3) Replace the hard-coded path (/Users/chen/.openclaw/workspace/xhs_login.png) with a workspace-relative or configurable path to avoid overwriting someone else's files. (4) The instructions include sending the image to Feishu but declare no Feishu credentials; confirm how authentication is handled and whether sending images externally is acceptable. (5) The Node snippet uses shell exec and a regex to extract base64 — this is brittle and can mis-parse output or be abused; prefer structured output or safer parsing if possible. (6) If you must use the skill, run it in a controlled environment with limited permissions and review the exact commands it will run. Ask the skill author to (a) declare required runtimes/tools and credentials, (b) avoid hard-coded paths, and (c) avoid shelling untrusted output without sanitization. If these clarifications are not provided, treat the skill as risky to use with sensitive accounts or on a personal machine.
Like a lobster shell, security has layers — review code before you run it.
latest
Xiaohongshu Login
Check login status
mcporter call xiaohongshu-mcp.check_login_status
Get the login QR code
Step 1: Call MCP to get the QR code
mcporter call xiaohongshu-mcp.get_login_qrcode --output json
Note: the JSON that mcporter outputs is non-standard (property names are unquoted), so the base64 has to be extracted with a regular expression.
Step 2: Save the QR code image
// Extract and save with Node.js
const { execSync } = require('child_process');
const fs = require('fs');
const result = execSync('mcporter call xiaohongshu-mcp.get_login_qrcode --output json', { encoding: 'utf8' });
// Extract the base64 with a regex (works around the JSON parsing problem)
const match = result.match(/data: '([^']+)'/);
if (match) {
  const buffer = Buffer.from(match[1], 'base64');
  fs.writeFileSync('/Users/chen/.openclaw/workspace/xhs_login.png', buffer);
}
Step 3: Display the image (most reliable)
# Display the image directly with the read tool so the user is sure to see it
read /Users/chen/.openclaw/workspace/xhs_login.png
Step 4: Send to the user
# Send via Feishu (fallback, may be unreliable)
message action=send channel=feishu filePath=/Users/chen/.openclaw/workspace/xhs_login.png
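A stricter version of Step 2, as an added example that is not part of the skill or of mcporter: it runs the Step 1 command without a shell, rejects anything that is not strict base64 wrapping a complete PNG, and writes to a fresh private directory instead of the fixed path. The sample output shape, the size ceiling, the timeout and the temp-directory location are assumptions.

```javascript
// Added example, not the skill's own code: validate the QR payload before it touches disk.
const { execFileSync } = require('child_process');
const fs = require('fs');
const os = require('os');
const path = require('path');

const PNG_MAGIC = Buffer.from('89504e470d0a1a0a', 'hex');
const PNG_TRAILER = Buffer.from('49454e44ae426082', 'hex'); // "IEND" + its fixed CRC
const MAX_B64_CHARS = 2 * 1024 * 1024; // assumed ceiling for a QR image

// Run mcporter without a shell; the arguments are the ones shown in Step 1.
function fetchQrOutput() {
  return execFileSync('mcporter',
    ['call', 'xiaohongshu-mcp.get_login_qrcode', '--output', 'json'],
    { encoding: 'utf8', timeout: 30000 }); // timeout is an assumed value
}

// Pull the base64 out of the `data: '...'` field and prove it is a whole PNG.
function extractQrPng(output) {
  const match = /data:\s*'([^']*)'/.exec(output);
  if (!match) throw new Error('no data field in mcporter output');
  const b64 = match[1];
  // Buffer.from(..., 'base64') silently skips invalid characters, so check first.
  if (b64.length === 0 || b64.length > MAX_B64_CHARS || b64.length % 4 !== 0 ||
      !/^[A-Za-z0-9+/]+={0,2}$/.test(b64)) {
    throw new Error('data field is not strict base64');
  }
  const png = Buffer.from(b64, 'base64');
  if (png.length < 16 || !png.subarray(0, 8).equals(PNG_MAGIC)) throw new Error('payload is not a PNG');
  if (!png.subarray(-8).equals(PNG_TRAILER)) throw new Error('PNG is truncated (no IEND at the end)');
  return png;
}

// Write into a fresh private directory instead of a fixed path in someone's home.
function saveQr(png, baseDir = os.tmpdir()) {
  const dir = fs.mkdtempSync(path.join(baseDir, 'xhs-login-'));
  const file = path.join(dir, 'xhs_login.png');
  fs.writeFileSync(file, png, { mode: 0o600, flag: 'wx' }); // 'wx': never overwrite
  return file;
}

// Constructed sample: PNG signature + filler + IEND chunk, not a renderable image.
const samplePng = Buffer.concat([PNG_MAGIC, Buffer.from('constructed-body'),
  Buffer.alloc(4), PNG_TRAILER]);
const sampleOutput = `{ content: [ { type: 'image', data: '${samplePng.toString('base64')}' } ] }`;
console.log(extractQrPng(sampleOutput).length, 'bytes validated');
```

In real use, `saveQr(extractQrPng(fetchQrOutput()))` returns the path to hand to the read tool.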
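Complete flow
- check_login_status - check whether already logged in
- get_login_qrcode - get the QR code
- Extract the base64 with the regex → save as PNG
- Display the image with the read tool ← most important: make sure the user can see it
- Send with message (optional)
Common problems
Image does not display in Feishu
- A local file path may not render in Feishu
- Fix: display it with the read tool first so the user can view it directly
JSON parsing fails
- The output format of mcporter --output json is non-standard
- Fix: extract the base64 with the regex /data: '([^']+)'/
Image is incomplete
- The base64 may have been extracted incompletely
- Fix: make sure the regex matches the complete string, and check the file size
Reset login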
mcporter call xiaohongshu-mcp.delete_cookies
After the cookies are deleted, you need to log in again.
