Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PigBun RedNote

v0.8.1

Xiaohongshu AI operations tool supporting search, note publishing, comment management, social interaction and data analytics: a one-stop automation solution.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill advertises Xiaohongshu (小红书) automation (search, publish, comment, analytics) and its instructions require an API key from pigbunai.com plus Playwright and a browser QR-login. Those dependencies are plausible for a web-automation/integration skill, but pigbunai.com is an intermediary service (not the official platform) and the SKILL.md provides no provenance or guarantees about what that third party does with requests or data.
Instruction Scope
Instructions are concrete (install Playwright, obtain API key, run `openclaw rednote init` to scan and login). They do not ask the agent to read unrelated system files or environment variables. However, they are vague about what `openclaw rednote init` does (where session tokens are stored, whether credentials or cookies are transmitted to pigbunai.com, retention policy), which matters because the skill will act on the user's account (publish/delete/comment).
Install Mechanism
This is an instruction-only skill with no install spec or code files — lowest install risk. It tells the user to run `npx playwright install chromium`, which is a normal requirement for browser automation and not itself suspicious. No downloads from unknown URLs or archive extraction are specified by the skill.
Credentials
The skill asks the user to supply an API key from pigbunai.com in the OpenClaw plugin config (not via environment variables). Requesting an API key for a third‑party service that proxies Xiaohongshu is proportionate for this functionality, but because the key grants remote control over operations (search, publish, comment) and the SKILL.md offers no details on the key's scope or what data pigbunai.com will see/store, this is a potential credential/exfiltration concern. The registry metadata shows no declared required env vars, so there is no explicit listing of where secrets are stored or protected.
Persistence & Privilege
always:false (normal). The skill requires an interactive QR login step which likely creates persistent session tokens allowing future automated actions; the skill does not describe how session tokens are stored or how to revoke them. Autonomous invocation is allowed by default (not flagged by itself) — combined with stored session tokens and a third-party API, this could permit ongoing actions on the user's account if not carefully managed.
What to consider before installing
This skill appears to do what it says (web automation for 小红书) but depends on a third-party service (pigbunai.com) and an interactive QR login whose token storage/handling are unspecified. Before installing:
1) Verify pigbunai.com is trustworthy (company, privacy/terms, contact);
2) Ask the skill/vendor for source code or a clear description of what `openclaw rednote init` stores and where session tokens/API requests are sent;
3) Use a throwaway or test Xiaohongshu account when first trying it;
4) Limit the plugin to specific tasks and disable it when not needed;
5) Check OpenClaw plugin config storage and rotation/revocation options for the apiKey;
6) Avoid giving it high-value accounts (payment info, business accounts) until you confirm behavior;
7) If you need higher assurance, request a signed/hosted implementation or audited code before use.
