Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
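Xiaohongshu influencer note quality check for bbt
v1.0.2
Automated quality checks on Xiaohongshu influencer notes covering brand terms, required topics, @official-account mentions, tone, links, and advertising-law/competitor compliance, with a structured report as output; correct and incorrect brand-name spellings are kept in separate lists (assets/brand-names-correct.txt / assets/brand-names-wrong.txt), and updating the wordlist files inside the skill directory is supported. When the user pastes...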
by Wan Wei @wandervine
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match what the skill does: reading local brand/topic/compliance wordlists and performing QC on Xiaohongshu notes. The provided shell/Python fetch scripts and assets are appropriate and expected for that purpose; no unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md instructs the agent to (a) read assets in the skill directory, (b) run the included fetch scripts against user-supplied Xiaohongshu URLs, and (c) perform file updates when the user requests '更新词表' ("update wordlist"). This is consistent with the purpose, but the ability to perform whole-file replacements of files inside the skill directory is a capability to note: it allows arbitrary changes to asset/markdown files (not arbitrary external endpoints). Also, official-account checks are specified in a human-readable references file rather than a structured asset; that may cause brittle exact-match behavior unless the agent implements the human rules correctly.
Install Mechanism
Instruction-only skill with no install spec. The two included scripts are local and use only standard system tools (curl, sed, awk, python3). Nothing is downloaded from external or untrusted URLs during install.
Credentials
The skill declares no required environment variables, no credentials, and no config paths beyond its own skill directory. The scripts do network GETs only to URLs supplied by the user (Xiaohongshu links), which is appropriate for the stated functionality.
Persistence & Privilege
always:false and no cross-skill modifications requested. The skill does instruct the agent to update files inside its own skill directory (assets and references) per user requests; this self-contained write capability is expected for maintaining wordlists but should be considered when deciding whether to allow the agent to perform edits automatically.
Assessment
This skill is coherent with its goal: it reads local wordlists, fetches content from user-provided Xiaohongshu URLs, and runs checks described in SKILL.md. Things to consider before enabling: (1) The agent will make HTTP GET requests to URLs provided by users — those endpoints will see requests from the runtime environment. (2) The skill allows whole-file replacements of files inside its own skill directory when the user asks to '更新词表' ("update wordlist") — only allow this if you trust the agent/user input and prefer edits to be limited to non-executable asset files (txt/md). (3) The official-account validation logic is documented in a markdown file rather than a structured list; verify this meets your exact matching needs. If you want to tighten safety, require manual confirmation before the agent writes skill files and run the fetch scripts in a network-restricted sandbox.
Like a lobster shell, security has layers — review code before you run it.
