ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Xiaohongshu Copywriter

v1.4.0

专业小红书爆款文案创作与爆款笔记结构仿写,提升内容互动率,支持多平台内容改编与精准标签推荐。

0· 57·0 current·0 all-time
bymumu@ysy88092144
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, README and SKILL.md consistently describe a Xiaohongshu (小红书) copywriting assistant that generates titles, bodies, emoji and tag suggestions and can '仿写'爆款笔记. That capability matches the declared lack of binaries, install, and code files. One inconsistency: the README/SKILL.md reference a Pro API Key (example 'sk-xxxxx-xxxxxxxx') and Pro features (API-based '一键分发'), but the skill metadata declares no required environment variables or credentials — this gap is unexplained.
!
Instruction Scope
The SKILL.md is primarily templates and step-by-step content-generation instructions, which is appropriate. However: (1) it instructs users to provide a Xiaohongshu note URL for '结构分析/仿写' but gives no guidance about how the agent should fetch that content (no declared network endpoints or authentication), so an agent could be instructed to fetch remote content or ask the user to paste it — ambiguous scope. (2) A pre-scan detected 'unicode-control-chars' prompt-injection patterns inside SKILL.md, which can be used to try to manipulate the agent's behavior. These make the instruction scope suspicious.
Install Mechanism
No install spec and no code files — instruction-only — so nothing will be downloaded or written to disk by the installer. This is the lowest-risk install surface.
Credentials
The skill metadata lists no required environment variables or credentials, which fits a template/assistant. But the README and SKILL.md describe Pro functionality that requires an API Key and also mention one-time configuration commands. The absence of declared required env vars for an API Key is an unexplained mismatch and should be clarified before providing any keys.
Persistence & Privilege
Flags show always:false and default autonomous invocation allowed. The skill does not request persistent presence or system-wide configuration, and as instruction-only it cannot modify other skills. No persistence/privilege concerns detected.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained unicode control characters that the pre-scan flagged as potential prompt-injection. This is not expected for a simple writing template and could be used to manipulate agent instruction parsing or evaluation. Recommend inspecting the raw file for hidden control characters before use.
What to consider before installing
What to consider before installing or using this skill: - Function: This is an instruction-only Xiaohongshu copywriting/template skill — it generates titles, bodies, emoji and tag suggestions and claims Pro features for '仿写' and cross-platform adaptation. That matches what the files contain. - Prompt-injection warning: A scanner detected unicode control characters inside SKILL.md. These can hide instructions or try to alter the agent's behavior. Ask the developer for the original source or inspect the raw files to remove any invisible control characters before use. - API Key inconsistency: The README and SKILL.md mention a Pro API Key and '一键分发' but the skill metadata declares no required env vars. Do NOT provide real API keys or secrets to this skill until the developer clarifies: where is the key stored, which endpoint uses it, and whether the skill will post content on your behalf. Prefer using test keys or sandbox accounts for initial trials. - Data you supply: The skill asks you to paste Xiaohongshu URLs (or presumably content). Avoid pasting private or sensitive data. If you want the skill to analyze a private note, prefer pasting only the text you want analyzed and avoid credentials. - Origin and trust: The source/homepage is unknown. If you need ongoing or networked features (Pro, posting to other platforms), prefer a skill with a known homepage, documented endpoints, or an open-source repo you can review. - Practical steps: (1) Inspect SKILL.md and README for hidden characters and remove them. (2) Ask the author to explain the Pro API flow and precisely what the agent will call/do. (3) Test the free features locally with sample text (no credentials). (4) If you must try Pro features, use a limited test API key and monitor traffic; do not reuse production credentials until you understand the integration. Given the prompt-injection signal and the API-key documentation mismatch, treat this skill as suspicious until the developer provides clear, verifiable details about the Pro API usage and the hidden-control-character issue is resolved.

Like a lobster shell, security has layers — review code before you run it.

latestvk976vdq13ezpveb55q1jaxsqbd83dxa4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments