Back to skill
Skillv1.0.100
VirusTotal security
ZeeLin 小红书自动发布 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 6:39 AM
- Hash
- c02c2908c645d92ad92639d53b5cd1a5ab6f0114427303fd5c08f4b97d9baf80
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: zeelin-xiaohongshu-autopost Version: 1.0.100 The bundle provides a complete pipeline for automating Xiaohongshu (XHS) content creation and publication. It contains several scripts (e.g., post_xiaohongshu.sh and cdp_xhs_publish_v5.py) that utilize high-risk capabilities, including direct browser automation via the Chrome DevTools Protocol (CDP) to control a logged-in user session. These scripts programmatically navigate the XHS creator center, bypass popups, inject text into editors, and trigger the 'Publish' action. While these behaviors are aligned with the stated purpose of 'auto-posting,' the use of raw websocket connections to interact with the browser and the potential for prompt injection via user-controlled topics (which could lead to unauthorized content being posted) represent significant security risks.
- External report
- View on VirusTotal