Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Xiaohongshu Hot Daily
v3.1.0📕 小红书热榜日报 v3.1 - 使用浏览器获取真实数据!支持定时任务和数据分析。自媒体运营必备!免费使用,定制开发请联系作者。
⭐ 0· 141·1 current·1 all-time
by蓝天@qq853632587
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description claim browser-based scraping of Xiaohongshu; required binaries (python3, agent-browser) and fetch_hot.py align with that. Minor mismatches: README/package.json advertise multi-channel push, AI摘要, and Pro features (Telegram/微信/邮件 push, multi-channel) that are not present in the included Python code (which only fetches, formats, prints, and can save JSON). Versions in files also differ (fetch_hot.py header v3.0.0, package.json v3.1.0, _meta.json v2.1.0) — likely sloppy packaging rather than malicious.
Instruction Scope
SKILL.md instructs the agent/user to install agent-browser and run the Python script; runtime instructions are limited to opening Xiaohongshu and evaluating JS via agent-browser. No instructions to read unrelated system files, collect credentials, or transmit data to third-party endpoints. However, a prompt-injection scanner flagged unicode-control-chars in SKILL.md (see scan findings), which could be an attempt to hide or alter visible instructions—this warrants manual review of the SKILL.md for invisible characters before trusting it.
Install Mechanism
No install spec provided by the registry (instruction-only skill + local files). The only external component is agent-browser (declared), which the instructions tell the user to install; agent-browser will download Chromium at first run (noted in SKILL.md). There are no arbitrary download URLs or extract steps in the skill bundle itself.
Credentials
The skill requests no environment variables or credentials. Requiring agent-browser and Python is proportionate to a browser-driven scraper. There are no declarations asking for unrelated secrets or config paths.
Persistence & Privilege
Skill does not request always:true, does not modify other skills, and has no install-time hooks in the registry spec. It runs as a normal user-level script and relies on agent-browser for browsing; no elevated persistence requested.
Scan Findings in Context
[unicode-control-chars] unexpected: Scanner detected Unicode control / invisible characters in SKILL.md. This is not required for a scraper and could be used to obfuscate or alter displayed instructions; manual inspection of the SKILL.md (raw bytes) is recommended before installation.
What to consider before installing
This skill appears to do what it says (use a headless browser via agent-browser to scrape Xiaohongshu) and does not request credentials, but take these precautions: 1) Inspect SKILL.md and README in a raw text editor for hidden/unicode-control characters flagged by the scanner — remove or reject if anything looks obfuscated. 2) Verify 'agent-browser' is a trusted CLI (it will download Chromium on first run); consider running the script in a sandbox or isolated environment first. 3) Note the README/package.json mention push/multi-channel features and a Pro tier that are not implemented in fetch_hot.py — treat those claims as marketing, not implemented functionality. 4) Check agent-browser output parsing in fetch_hot.py locally (the script assumes a specific JSON structure from agent-browser) and run with --quiet/--output in a safe directory. 5) If you need higher assurance, request the upstream source/release on the listed GitHub homepage and confirm package integrity and recent commits before using in production.Like a lobster shell, security has layers — review code before you run it.
latestvk971fe9m8mptepkjr2wjk2vq5x83tcbk
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📕 Clawdis
Binspython3, agent-browser