Skill v1.1.0
ClawScan security
xhs-note-health · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 10, 2026, 9:54 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements align with its stated purpose: it uses a user-supplied Xiaohongshu creator cookies file to call the creator API, analyze note levels and sensitive words, and produce a report.
- Guidance: This skill is coherent with its purpose but requires your Xiaohongshu creator cookies (sensitive). Before running: (1) review check.py to verify behavior (it only calls creator.xiaohongshu.com and writes local reports); (2) supply cookies from creator.xiaohongshu.com only and avoid uploading them to external services; (3) run in a local or isolated environment; (4) if you export cookies from your browser, prefer exporting only the creator domain and store the file with restricted permissions; (5) revoke or re-export cookies after use if you have concerns. If you need higher assurance, run the script manually rather than granting autonomous agent invocation.
Review Dimensions
- Purpose & Capability: ok. The skill claims to detect Xiaohongshu note throttling and the included check.py performs exactly that: it loads browser-exported creator cookies, calls the creator.xiaohongshu.com API, reads per-note level fields, detects sensitive words, and generates reports. No unrelated services, credentials, or binaries are requested.
- Instruction Scope: ok. SKILL.md instructs the agent to run check.py and provide a cookies JSON. The script only reads the specified cookies file, calls the Xiaohongshu creator API, and writes/prints reports. It does not read other system files, access environment variables, or transmit data to third-party endpoints beyond creator.xiaohongshu.com.
- Install Mechanism: ok. There is no install spec; this is an instruction-only skill with one Python script requiring the public requests library. That is proportionate to the described functionality.
- Credentials: ok. No environment variables or unrelated secrets are requested. The skill requires a browser-exported cookies JSON (sensitive, but necessary); the default path is provided but can be overridden with --cookies.
- Persistence & Privilege: ok. The skill does not request always:true or other elevated persistence. It does not attempt to modify other skills or system-wide agent settings.
