xhs-prohibited-word(小红书违禁词查询)
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill is a coherent prohibited-word checker, but it sends submitted text to an external API and includes an opt-in TLS-verification bypass users should understand.
Before installing, confirm you are comfortable sending selected text, document contents, or webpage text to the external detection API. Keep TLS verification enabled, avoid confidential drafts unless appropriate, and install the listed Python/Playwright dependencies from trusted sources.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Text from pasted content, selected files, or extracted webpages may be transmitted to the external detection service.
The user’s submitted copy is sent to a third-party API endpoint for detection. This fits the skill’s purpose, but it means private drafts or business content leave the local environment.
_DEFAULT_SENSITIVE_API_URL = "https://onetotenvip.com/story/cozeSkill/sensitiveWordSearch"
...
payload = {"content": content, "platform": "小红书", "source": "小红书违禁词查询-ClawHub"}
Use the skill only with content you are comfortable sending to that service, and the maintainer should clearly disclose the endpoint and data-handling expectations.
If TLS verification is turned off, submitted text could be exposed to interception or tampering on the network.
The script contains a code path that disables TLS certificate verification when ssl_verify is false, though detection defaults to verification enabled unless an environment variable disables it.
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
Keep TLS verification enabled, and avoid setting XHS_SENSITIVE_WORD_VERIFY_SSL to 0/false/no unless there is a controlled and well-understood reason.
Accidentally providing the wrong file path or URL could process unintended content; unsafe shell quoting could also be risky in some agent runtimes.
The workflow passes user-controlled text, file paths, and URLs into a local script. This is central to the skill, but it should be done with safe argument passing and only for user-intended files or URLs.
Call it directly: `python scripts/check_sensitive_words.py --content="文案内容"` ... `--file=/path/to/file.txt --extract-only` ... `--url=https://example.com --extract-only`
Provide only intended files/URLs, and the runtime or maintainer should invoke the Python script with structured arguments rather than unsafe shell string interpolation.
The skill may require extra package/browser installation before it works, which adds normal dependency provenance considerations.
The skill depends on third-party Python packages and a Playwright browser download, while the registry install section says there is no install spec.
dependency:
  python:
    - python-docx==1.1.0
    - beautifulsoup4==4.12.3
    - playwright==1.58.0
  system:
    - playwright install chromium
Install dependencies from trusted package repositories in an isolated environment, and document the setup steps in registry metadata if possible.
