Back to skill
Skillv1.0.0
VirusTotal security
xiaohongshu-auto-poster · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 31, 2026, 3:01 PM
- Hash
- 2a22775be64f454c62179154ab31e69d7b7bce489129e8bd7477ab5ec6637752
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: xiaohongshu-auto-poster Version: 1.0.0 The skill bundle requires users to download and execute pre-compiled binaries from an external GitHub repository (xpzouying/xiaohongshu-mcp) and provides explicit instructions for establishing persistence on macOS via LaunchAgents (references/setup.md). While these capabilities are aligned with the stated goal of automating Xiaohongshu posts through a local MCP service, the promotion of unverified binary execution and automated startup persistence represents a high-risk pattern often used for malware delivery.
- External report
- View on VirusTotal