Xiaohongshu Suggest Keywords
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears benign: it automates a browser to collect Xiaohongshu search suggestions, with no code install or credentials, though the searched keywords may be sent through your browser session.
Before installing, make sure you are comfortable with an agent opening Xiaohongshu in a browser and sending your chosen keywords to the site. Avoid entering sensitive terms, and consider using a logged-out or separate browser session if account association matters to you.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may open Xiaohongshu and enter the keywords you provide, so those terms may be visible to that website.
The skill directs the agent to use browser automation against an external website. This is expected for the stated purpose and is bounded to collecting autocomplete suggestions.
This skill relies on the `browser` tool for browser automation.
Use it only for non-sensitive keyword research, and review the browser actions if you are concerned about what is being entered.
If you are logged in, Xiaohongshu may associate the keyword lookups with your account or session.
The skill may operate while the browser is logged in to Xiaohongshu, which could associate keyword lookups with the user's account. The artifacts do not show credential collection, token handling, or account mutation.
**Login status**: Some content may require login to view complete suggestions
Use a logged-out browser session or a separate account if you do not want these lookups tied to your main Xiaohongshu account.