Back to skill
Skillv1.1.0
VirusTotal security
小红书 Mac Controller · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:46 AM
- Hash
- f3094a792211974430fca375a99ac7f062f781031a8d5de94db688995f19272a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: xhs-mac-mcp Version: 1.1.0 This skill is classified as suspicious due to its extensive use of macOS Accessibility APIs and system commands, which grant powerful control over the user's system and other applications. Specifically, `xhs_controller.py` uses `subprocess.run` to execute utilities like `cliclick`, `osascript`, `screencapture`, `yt-dlp`, and `ffmpeg`. The `index.ts` plugin further executes Python code via `uv run ... python -c "..."`, a pattern that carries inherent command injection risks if not perfectly sanitized, even with `JSON.stringify` for parameters. Additionally, hardcoded paths for `SKILL_DIR` in `index.ts` and `CLICLICK` in `xhs_controller.py` represent robustness vulnerabilities. While these capabilities are necessary for the skill's stated purpose of controlling the Xiaohongshu app, their inherent power and the presence of these vulnerabilities elevate the risk beyond benign, despite no clear evidence of intentional malicious behavior like data exfiltration or persistence.
- External report
- View on VirusTotal