Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
xhs-skill-pusher
v1.0.0
Xiaohongshu content publishing skill - standardized cookie management + xhs-kit automated publishing
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (cookie management + xhs-kit publishing) align with the included scripts and CLI tool. Declared requirements (none) and the documented installation (python xhs-kit, Playwright) are consistent with the stated purpose.
Instruction Scope
SKILL.md and the scripts operate purely on local files (xhs_cookies/, cookies.json) and call xhs-kit for publishing. They do print cookie-derived fields (user IDs) and copy/overwrite DEFAULT_COOKIE (cookies.json) in the working directory. The Node CLI and shell scripts build and execute shell commands using user-supplied values (titles, content, cookie filenames); those command constructions use string interpolation and execSync with a shell, which can introduce command-injection risk if untrusted input is passed. The instructions also recommend pushing to GitHub — users must ensure no cookies are committed.
Install Mechanism
No install spec provided to the platform (instruction-only); the SKILL.md instructs installing Python packages (xhs-kit, Playwright) and npm dependencies. Those are standard for this task; no remote archive downloads or opaque installers are included in the bundle itself.
Credentials
The skill requests no environment variables or platform credentials. It intentionally uses local file-based storage for cookies. This is proportionate to its purpose. Note: it will create/overwrite cookies.json in the working directory and copies cookie files into project paths, so file access is required.
Persistence & Privilege
always is false; the skill does not request permanent or elevated agent privileges. It writes files inside the skill/project workspace (cookie store, created docs/scripts) and creates a Python venv — standard for local tooling and within expected scope.
Assessment
This package appears to do what it says (manage local Xiaohongshu cookies and call xhs-kit to publish). Before installing or running it, consider:
1) Cookies are sensitive — never commit xhs_cookies/*.json or cookies.json to a public repo; follow the README but add .gitignore entries.
2) Limit file permissions on the cookie directory (chmod 700 or similar).
3) The scripts and the Node CLI build shell commands by interpolating user-supplied values (title, content, cookie names) and call execSync or run embedded python -c strings; avoid running this on untrusted inputs and review/escape any values you plan to supply programmatically to prevent command injection.
4) The tool copies cookie files into cookies.json (DEFAULT_COOKIE) and may overwrite an existing file — back up any important cookies before use.
5) Ensure xhs-kit and Playwright packages you install are from trusted sources.
If you want a lower-risk usage pattern, run the scripts in an isolated environment (dedicated VM/container) and review/modify code to use spawn/execFile or explicit argument arrays instead of shell-interpolated exec strings.
bin/xhs-pusher.mjs:47
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
automation, cookie-manager, latest, xhs, xiaohongshu
Runtime requirements
🚀 Clawdis
