v1.0.3

Kay Xhs

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:16 AM.

Analysis

This skill matches its stated Xiaohongshu content workflow, but it uses a logged-in browser account and can create account drafts automatically, so it should be reviewed carefully before installation.

Guidance

Install only if you are comfortable letting the agent operate a logged-in Xiaohongshu creator account. Use a dedicated browser profile, verify the account before each run, keep KIE_API_KEY only in the intended kay-image configuration, and review all scraped material and generated drafts before publishing.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
`performance.getEntriesByType('resource').filter(e => e.name.includes('xhscdn.com')...)` and `document.querySelectorAll('[class*="comment"]')`

The skill documents raw browser JavaScript that extracts loaded image URLs and comments from Xiaohongshu pages. This is aligned with its research purpose, but it is broad browser-page extraction.

User impact: The agent may collect more page content than expected, such as image resources, captions, authors, and comments from viewed posts.
Recommendation: Run it only on pages you intend to analyze, avoid private or sensitive pages, and review scraped material before using it in generated content.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
优化完成-批量生图.md
`cd /Users/papaya/.openclaw/workspace-xhs-manager/skills/kie-image` ... `./kie-image-batch -b examples/batch-example.json -o ./test`

An included ancillary document references an older or separate local executable and an absolute user-specific path, while the main skill metadata declares kay-image as the dependency.

User impact: A user could be confused into running a different local helper than the declared kay-image dependency.
Recommendation: Verify which image-generation skill is intended, prefer the declared kay-image dependency, and do not run stale kie-image commands unless you trust and intentionally installed that tool.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
**工具:** `browser` (openclaw profile) ... `https://creator.xiaohongshu.com` ... `检查登录状态` ... `**自动发布** - 保存到小红书草稿箱`

The workflow uses the user's logged-in browser profile to access a Xiaohongshu creator account and save drafts, which is account-level authority and persistent account mutation.

User impact: If run with the wrong browser profile or without review, the agent could create drafts in the wrong Xiaohongshu account or upload content the user did not intend to keep.
Recommendation: Use a dedicated browser profile/account, confirm the active account before running, and require explicit user approval before saving or publishing any draft.