Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

xiaohongshu-mcp-skill

v1.0.0

Operate Xiaohongshu (小红书/RED) via local MCP service. Use when user wants to search notes, publish content (image/video), interact with posts (like/comment/fa...

4· 3.2k·22 current·23 all-time
by Andy Xie @palmpalm7
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description say it operates Xiaohongshu via a local MCP service; all declared instructions and references target a localhost MCP server and local login binaries (xpzouying/xiaohongshu-mcp). No unrelated cloud credentials, exotic binaries, or hidden external endpoints are requested.
Instruction Scope
SKILL.md and references only instruct contacting http://localhost:18060/mcp, starting local binaries, and using local cookies and files for publishing — which is within scope. Minor issues: instructions include an author-specific absolute path (/Users/handi7/...) that won't apply to most users and the workflow expects running a local login binary that will download Chromium and store cookies.json (session data).
Install Mechanism
No automated install spec in the skill bundle; deploy docs instruct downloading prebuilt binaries from the GitHub Releases of xpzouying/xiaohongshu-mcp (a reasonable, traceable source). The deploy step extracts archives and runs binaries locally — standard but users should verify release integrity before running.
Credentials
The skill requests no environment variables, no external credentials, and only uses local files like cookies.json and local media files for publishing — proportional to its stated function of controlling a local MCP service and posting on the user's Xiaohongshu account.
Persistence & Privilege
Skill is instruction-only, not always:true, and does not modify other skills or system-wide settings. It does rely on a local long-running service (MCP) that, once running, can perform account actions — which is expected given its purpose.
Assessment
This skill controls a local service that can post, like, and comment using your Xiaohongshu account, so only install it if you trust the xpzouying project and the prebuilt binaries. Before running: (1) verify the GitHub release you download (check checksums/signatures if available), (2) inspect binaries or run them in a sandbox or VM if you are unsure, (3) protect the cookies.json file (it contains session credentials), and (4) be cautious about granting the agent autonomous invocation — an agent using this skill could post or interact on your behalf. Also update file paths in the docs to match your system rather than running commands with the hardcoded author path.

