v1.0.0

Xiaohongshu Video Downloader

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:55 AM.

Analysis

The downloader appears aligned with its purpose, but it defaults to using your browser login cookies and has under-declared runtime/dependency behavior, so it should be reviewed carefully before installation.

Guidance

Before installing, confirm you are comfortable with a local script using your browser login cookies for Xiaohongshu and writing video resources under Downloads. Prefer a dedicated browser profile, review the Python scripts and dependencies, and avoid using it on private or sensitive content unless you understand where transcripts, URLs, and summaries will be stored and processed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/parallel_transcribe.py
# dependencies = [
#     "faster-whisper>=1.0.0",
# ]

The transcription helper declares a loose third-party dependency. Combined with the documented uv-based automatic dependency management, fallback transcription can execute changing package versions rather than a pinned, locked dependency set.

User impact: If Whisper fallback is used, additional third-party Python code may be installed or run locally.
Recommendation: Pin dependency versions, provide a lockfile or install spec, and make runtime dependency installation explicit before use.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
`--browser` | Browser for cookies (`chrome`, `firefox`, `safari`, `none`) | `chrome`; `Log into xiaohongshu.com in your browser before downloading`

The skill defaults to using local browser cookies/session state for Xiaohongshu authentication. This is purpose-aligned, but it is high-impact credential/profile access and the registry metadata declares no primary credential or required config paths.

User impact: Running the skill may let the local script and yt-dlp use your logged-in browser session to access Xiaohongshu content.
Recommendation: Only install if you trust the skill code and yt-dlp cookie handling; consider using `--browser none` where possible, or a dedicated browser/profile logged into only Xiaohongshu.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: Medium | Status: Note
reference/summary-prompt.md
### Transcript

```
{{TRANSCRIPT}}
```

Downloaded video transcripts are inserted directly into the AI summary prompt. That is expected for summarization, but transcript text is untrusted content and may contain instruction-like text.

User impact: A malicious or misleading transcript could try to influence the generated summary or the agent’s behavior during summarization.
Recommendation: Treat transcript contents as data only, ignore instructions contained in transcripts, and avoid summarizing private or sensitive videos unless you are comfortable sending that text to the model context.