Xiaohongshu Proxy Manager
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill openly helps route multiple Xiaohongshu accounts through different proxies to avoid bans or abuse detection, and it stores proxy credentials locally.
Review this carefully before installing. It appears to be a proxy/account-management tool rather than data-stealing malware, but its documented use is to help multiple Xiaohongshu accounts avoid detection or bans. If you use it, keep proxy credentials out of logs and repositories, verify the misnamed install file, and do not use it for unauthorized or deceptive platform activity.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this skill as documented could help an agent operate multiple public-platform accounts in a way intended to bypass platform anti-abuse controls, which may cause account bans, policy violations, or deceptive public activity.
The skill is explicitly framed as using proxies for multi-account Xiaohongshu operation, avoiding bans or '刷量' detection, and routing publishing through proxies.
为小红书多账号运营实现 IP 隔离,每个账号使用不同 IP,避免同 IP 多账号被封。 ... 避免平台判定为"刷量" ... curl -x "$PROXY" https://api.xiaohongshu.com/publish
Only use proxy routing for legitimate, authorized purposes. Require explicit user approval before using proxies for account activity or publishing, and avoid workflows intended to evade bans or fake normal user behavior.
Anyone who can read the config file, terminal output, shell history, or logs may see proxy credentials.
The tool stores proxy usernames/passwords in its local JSON config and prints them in proxy URLs when exporting configuration.
"username": args.username or "",
"password": args.password or "",
...
proxy_url += f"{proxy['username']}:{proxy['password']}@"
...
print(f" HTTP_PROXY={proxy_url}")Use dedicated low-privilege proxy credentials, restrict file permissions, avoid logging proxy URLs with passwords, and prefer environment variables or secret storage where possible.
Misnamed executable content can confuse users and reviewers about what files are data versus runnable scripts.
A file named like a JSON proxy configuration actually contains a shell install script. The script content appears benign and there is no install spec showing automatic execution, but the mismatch is a packaging/provenance anomaly.
#!/bin/bash # 小红书代理管理器安装脚本
Verify files before running them, remove or rename the mispackaged file, and publish a clear install spec with declared dependencies.