Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
xhs-auto
v1.0.0 · Xiaohongshu automated publishing workflow, chaining topic input, image generation, copy drafting and debug-publish verification.
⭐ 1 · 434 · 3 current · 3 all-time
by Weizheng Lu (@luweizheng)
MIT-0
Security Scan
OpenClaw
Suspicious
Confidence: high
Purpose & Capability
Name and description match the included scripts and the xhs-kit publishing flow. The requested binaries (bash, curl, jq, base64, xhs-kit) are appropriate. However, the registry metadata declares no required environment variables, while both the scripts and the documentation require sensitive API keys (GOOGLE_API_KEY/GEMINI_API_KEY and/or SEED_API_KEY). That undeclared credential requirement is an inconsistency between the manifest and the code.
Instruction Scope
SKILL.md instructs the agent to generate text and images, save outputs under ${workspace}/xhs-auto/{timestamp}, and call xhs-kit debug-publish, all within the stated purpose. The scripts read API keys from environment variables and transmit prompts and (in edit mode) image bytes to external OpenAI-compatible endpoints. This is expected for image generation, but it means any user-supplied images or prompts leave the host.
Install Mechanism
No install spec (instruction-only skill), and the included code files are local. Nothing in the manifest pulls arbitrary remote installers or archives. The README suggests installing public packages (pip, playwright), which is normal.
Credentials
The skill requires API keys for external model gateways (Google/Gemini or ByteDance Seed), but the registry lists no required env vars. Those keys are sensitive and are used to make external network calls; omitting them from the declared requirements is a mismatch that reduces transparency. xhs-kit may also require login credentials for real publishing (not needed for debug-publish), which the docs mention.
Persistence & Privilege
The skill does not request always: true and does not modify other skills. It writes outputs into a workspace subdirectory (documented) and does not request system-wide privileges.
What to consider before installing
This skill appears to implement the advertised Xiaohongshu automation flow, but it expects you to provide model gateway API keys (GOOGLE/GEMINI or SEED) even though the registry metadata does not declare them. Before installing:
(1) Review the included scripts and make sure you are comfortable with them; they are plain Bash/Python and call external API endpoints.
(2) Understand that any prompt text and any base images you pass to the tool will be uploaded to the configured external gateway, so avoid sending sensitive or private images or text.
(3) Provide only API keys with limited scope, or dedicated test keys, and consider routing requests through a proxy or gateway you control.
(4) Verify the trustworthiness of xhs-kit (a pip package) before granting it publish credentials for real posting.
(5) Test in a sandbox or VM, and use the documented debug-publish mode (which claims not to perform an actual publish) before attempting a real publish.
The primary issue is transparency about required credentials: have that omission corrected, or proceed only after accepting the privacy and network implications.
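The Credentials finding and points (1) and (2) above both come down to the same pre-install check: which environment variables do the scripts actually read, does the manifest declare them, and where do the scripts send data. The following is an added example of that check and is not code from xhs-auto or from ClawHub. The manifest layout (a requires.env list), the two script bodies, and the endpoint hostnames are constructed assumptions for illustration, not the real skill's files.

```python
"""Pre-install check for an OpenClaw-style skill.

Compares the credentials a skill's scripts read from the environment against
the environment variables its registry manifest declares, and lists the
external hosts the scripts send requests to. Added example, not code from
xhs-auto or ClawHub; the manifest layout (a requires.env list) and the script
bodies below are constructed assumptions about how such a skill might look.
"""
from __future__ import annotations

import re
from urllib.parse import urlparse

# Variable names that look like credentials. Other environment reads
# (HOME, workspace paths, counters) are returned by env_reads() but are not
# treated as undeclared secrets.
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSWORD|PASSWD|CREDENTIAL", re.I)

# Environment reads: Bash $VAR / ${VAR} / ${VAR:-default}, and Python
# os.environ["VAR"], os.environ.get("VAR"), os.getenv("VAR").
ENV_READ_PATTERNS = [
    re.compile(r"\$\{?([A-Z_][A-Z0-9_]*)"),
    re.compile(r"os\.environ(?:\.get)?\s*[\[(]\s*['\"]([A-Z_][A-Z0-9_]*)['\"]"),
    re.compile(r"os\.getenv\s*\(\s*['\"]([A-Z_][A-Z0-9_]*)['\"]"),
]
# Names the script assigns itself (KEY=..., export OUT=...) are local shell
# variables, not inputs taken from the user's environment.
LOCAL_ASSIGNMENT = re.compile(r"^\s*(?:export\s+)?([A-Z_][A-Z0-9_]*)=", re.M)
URL = re.compile(r"https?://[^\s'\"<>)]+")


def env_reads(script: str) -> set[str]:
    """Upper-case names the script reads from the process environment."""
    names: set[str] = set()
    for pattern in ENV_READ_PATTERNS:
        names.update(pattern.findall(script))
    return names - set(LOCAL_ASSIGNMENT.findall(script))


def external_hosts(script: str) -> set[str]:
    """Hostnames of every http(s) URL literal in the script."""
    hosts = {urlparse(url).hostname for url in URL.findall(script)}
    return {h for h in hosts if h}


def undeclared_secrets(manifest: dict, scripts: dict[str, str]) -> dict[str, set[str]]:
    """Credential-looking env vars each script reads that the manifest omits."""
    declared = set(manifest.get("requires", {}).get("env", []))
    findings: dict[str, set[str]] = {}
    for path, body in scripts.items():
        missing = {n for n in env_reads(body) if SECRET_NAME.search(n)} - declared
        if missing:
            findings[path] = missing
    return findings


# Constructed manifest: binaries declared, no environment variables declared,
# mirroring the mismatch the scan report describes.
MANIFEST = {
    "name": "xhs-auto",
    "requires": {"bins": ["bash", "curl", "jq", "base64", "xhs-kit"], "env": []},
}

# Constructed script bodies (not the skill's real files); hostnames are made up.
SCRIPTS = {
    "scripts/gen_image.sh": r'''#!/usr/bin/env bash
set -euo pipefail
KEY="${GOOGLE_API_KEY:-${GEMINI_API_KEY:-}}"
OUT="${workspace}/xhs-auto/$(date +%s)"
curl -sS -H "Authorization: Bearer $KEY" \
  -d "$(jq -n --arg p "$1" '{prompt:$p}')" \
  https://generativelanguage.example/v1/images/generations > "$OUT/image.json"
''',
    "scripts/gen_text.py": '''import os, urllib.request
key = os.getenv("SEED_API_KEY")
req = urllib.request.Request("https://ark.example/api/v3/chat/completions",
                             headers={"Authorization": f"Bearer {key}"})
''',
}


if __name__ == "__main__":
    for path, missing in undeclared_secrets(MANIFEST, SCRIPTS).items():
        print(f"{path}: reads undeclared credential(s) {sorted(missing)}")
    for path, body in SCRIPTS.items():
        print(f"{path}: sends requests to {sorted(external_hosts(body))}")
```

To run it against the real skill, unpack the download and load each script file into SCRIPTS and the manifest into MANIFEST. The matching is a grep-level heuristic: it will miss indirect reads (printenv, env piped to grep, a dotenv loader) and URLs built at runtime, so it narrows where to look but does not replace reading the scripts.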
latest · vk974xe4594w7cdm918fyahk605824nm6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🤖 Clawdis
Bins: bash, curl, jq, base64, xhs-kit
