Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
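Xiaohongshu - RedNote
v1.2.4
Xiaohongshu all-in-one assistant — copy generation, cover creation, content publishing and management. Use when the user asks to write Xiaohongshu notes, generate Xiaohongshu copy/titles/covers, post to Xiaohongshu, search Xiaohongshu, comment/like/favorite, or perform any other Xiaohongshu-related operation. Supports a complete one-stop workflow from copy creation to automatic publishing. AI cover image generation requires configuring optional environment variables (GEMINI_API_KEY or IMG_API_KEY or HUNY...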
by hiyu @hi-yu
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to generate copy, create covers, and control Xiaohongshu via a local MCP service. The included scripts implement these features (text generation fallback, AI image generation, and MCP calls), so capabilities align with the stated purpose.
Instruction Scope
Runtime instructions and scripts read a user config file (~/.openclaw/openclaw.json) when asked, call local MCP at http://localhost:18060, and run check_env.sh which attempts to start/stop system services (xvfb, xhs-mcp) and launch a binary from ~/xiaohongshu-mcp. These actions go beyond simple API calls and modify/launch local services and processes, which is powerful and may be unexpected to non-technical users.
Install Mechanism
No install spec (instruction-only plus included scripts). There are no network-download install steps in the manifest. The risk comes from executing provided scripts, not from an external installer; this is lower risk than fetching arbitrary executables, but executing included scripts still runs code on the host.
Credentials
The manifest declares no required env vars, but scripts use many sensitive environment variables (GEMINI_API_KEY, IMG_API_KEY, HUNYUAN_SECRET_ID/KEY, IMG_API_BASE, XHS_AI_API_KEY/URL/MODEL, XHS_MCP_URL, etc.). Those variables are consistent with optional image-generation and API fallback features, but the manifest does not enumerate them as required/optional, which is a transparency gap. Supplying cloud API credentials is appropriate for image/text generation but carries sensitive privilege.
Persistence & Privilege
Skill is not marked always:true and does not self-enable other skills. However, check_env.sh may start persistent services (systemd units or background processes) and expects a local MCP binary under ~/xiaohongshu-mcp — the skill can cause long-running processes to be created on the host if executed.
What to consider before installing
This skill largely does what it claims, but exercise caution before installing or running its scripts:
- Review and understand the scripts (check_env.sh, cover.sh, generate.sh) before running them. They will try to start/launch local services (Xvfb, xhs-mcp) and run a binary from ~/xiaohongshu-mcp.
- Do not supply API keys (Gemini, OpenAI-compatible IMG_API_KEY, HUNYUAN_SECRET_ID/KEY, XHS_AI_API_KEY, etc.) unless you trust the code and the deployed environment; these are sensitive credentials that will be sent to external services.
- The skill reads ~/.openclaw/openclaw.json when asked for available models; consider whether that config contains sensitive info you do not want read. Ask the agent explicitly before it reads local configs.
- If you need to test, run the scripts in an isolated environment (container or VM) and inspect network calls (e.g., with tcpdump) and logs to confirm behavior.
- If you plan to use the MCP/publishing features, independently verify the origin and integrity of the ~/xiaohongshu-mcp binary before placing it in your home directory.
If you are uncomfortable with starting local services or providing cloud API keys, avoid installing or invoking this skill.
Like a lobster shell, security has layers — review code before you run it.
latest vk97739ykbm80752b8e17qsnb6981z53h
Runtime requirements
📕 Clawdis
Bins: convert
Any bin: curl
