ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Xiaohongshu CLI

v0.1.0

Install and use the `xhs-cli` terminal client for Xiaohongshu (小红书, RedNote, XHS). Use when Codex needs shell-driven Xiaohongshu operations such as checking...

0· 323·0 current·0 all-time
by@laosuan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the runtime instructions: all commands, install suggestions (uv, pipx), and repo references point to a Xiaohongshu terminal client. There are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
The SKILL.md restricts actions to installing and using xhs-cli and documents read/write operations (search, read, like, comment, post, delete). It notes that xhs login may try saved/local Chrome cookies and that manual cookie input should not be pasted into chat — this is relevant because the CLI may access local browser session data. The instructions do not direct the agent to exfiltrate data to third-party endpoints outside the CLI’s normal operations.
Install Mechanism
This is instruction-only; no install spec included. Suggested installs are via 'uv tool install' or 'pipx', and a GitHub checkout is given only for development — all are standard, low-risk installation routes. No arbitrary download URLs or extract operations are used in the skill itself.
Credentials
The skill does not request environment variables or credentials. However, the CLI workflow can access or reuse local browser cookies/session state for authentication and can perform account write actions; users should be aware that local cookie access and authenticated operations are expected behaviors of the CLI and require user consent.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent inclusion or modify other skills. The agent may invoke the skill autonomously (platform default), and because the CLI supports write operations, administrators should be mindful of letting an autonomous agent perform account actions.
Assessment
This skill is an instruction-only helper for the xhs-cli terminal tool and appears consistent with that purpose. Before installing or allowing an agent to use it, confirm you trust the upstream project (check the GitHub repo and PyPI package), prefer interactive login flows (avoid pasting cookies into chat), and be aware that the CLI may read local browser session cookies to authenticate. Because the CLI can perform writes (post, comment, delete), only grant the agent permission to run these commands if you want it to act on your account. If you are uncomfortable with automated account actions, restrict the agent from invoking the skill autonomously or require explicit approval for write operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk971eypmg7d051pae6ngxn1nk982pgkv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments