xhs-title-copywriter（小红书爆款标题生成器）

The skill bundle contains a Python script (scripts/fetch_xhs_trends.py) that performs non-standard network communication to an external API (onetotenvip.com). It uses raw sockets to bypass SNI (Server Name Indication) and explicitly disables SSL certificate verification (ssl.CERT_NONE), which are techniques often used to evade network filters but also expose the agent to Man-in-the-Middle (MITM) attacks. While the instructions in SKILL.md and references/core_workflow.md appear aligned with the stated purpose of generating social media titles, the use of security-bypassing network code without a clear necessity beyond potential scraping workarounds is a significant red flag.