Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
xiaohongshu-mcp-openclaw
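v1.0.0
Use when the user mentions Xiaohongshu/XHS/Rednote and needs to search notes by keyword, view note details, fetch comments, or count likes and comments. Provides a unified query flow via xpzouying/xiaohongshu-mcp + mcporter.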
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match what the files do: the scripts and Python client call mcporter and a local xiaohongshu-mcp HTTP MCP server to search notes, fetch details/comments, and summarize metrics. Required binaries (bash, mcporter, python3, jq) and the included scripts are appropriate for this purpose.
Instruction Scope
SKILL.md instructs the agent to run the included shell scripts and python client which only interact with the local MCP server, local files (logs, png QR file, tmp files, ~/.openclaw, ~/.agents), and the mcporter CLI. It directs the agent to return QR file/open_command to the user (expected for login flows). There is no instruction to read unrelated system secrets or arbitrary host files.
Install Mechanism
Install steps are standard but include network installs: the registry metadata offers an npm/node install for 'mcporter' (node package) and setup.sh uses 'go install' to fetch github.com/xpzouying/xiaohongshu-mcp. These are traceable and expected for this skill, but they pull code from external registries/hosts (npm, Go proxy/GitHub). This is moderate risk compared to instruction-only skills — review upstream repositories before running installs.
Credentials
The skill purposely requires no secret env vars. It does write files under the user's home (~/.openclaw, ~/.agents, /tmp) and can install system services (launchd/systemd) if the user runs service_install.sh. Preflight/setup may require 'go' to build the xiaohongshu-mcp binary even though go is only listed as optional in preflight (a minor mismatch between declared required bins and the practical install path).
Persistence & Privilege
always:false (good). The skill does create persistent copies under ~/.openclaw and by default syncs into ~/.agents/skills; it also optionally installs a user-level service (launchd/systemd) to keep the MCP process running. These behaviors are within scope but are persistent and should be opted into consciously by the user.
Assessment
This skill appears to do what it claims (manage a local xiaohongshu-mcp service and query it via mcporter). Before installing or running: 1) Inspect and trust the remote sources that will be fetched (npm package 'mcporter' and the GitHub module github.com/xpzouying/xiaohongshu-mcp). 2) Run preflight.sh and inspect scripts to confirm you accept files written under ~/.openclaw and ~/.agents and any systemd/launchd unit files if you plan to enable the service. 3) Prefer running in a controlled environment (VM/container) if you are unsure, and avoid running service_install.sh until you trust the binaries. 4) Note the minor mismatch: setup.sh may require Go to build the MCP binary even though 'go' is optional — install steps can fetch and compile remote code.
config/mcporter.json:4
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
📕 Clawdis
Bins: bash, mcporter, python3, jq
Install
Install mcporter (node)
Bins: mcporter
npm i -g mcporter