ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

小红书官方帐号合集

v1.0.3

提供小红书官方运营账号及其笔记的查询接口,支持按账号、类型精确匹配和描述模糊搜索,便于运营参考。

1· 76·0 current·0 all-time
byAIphaZhu@zfeng1982
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the runtime instructions: the skill provides two read-only API endpoints for official 小红书 accounts and notes. It does not request credentials or access to local files, which is proportionate. However, SKILL.md metadata lists curl as a required binary while the registry metadata showed none — an internal mismatch. More importantly, the API base URL is a raw IP (119.29.63.139) rather than an official xhs domain or documented third-party service; that is unexpected and should be validated.
Instruction Scope
Instructions are narrowly scoped: they only describe HTTP GET requests to the specified API endpoints and give curl examples. They do not instruct reading system files, environment variables, or transmitting other data. Risk comes from sending user-supplied query strings to a third-party IP (potentially leaking sensitive content) and the instruction to use cmd on Windows (encoding workaround).
Install Mechanism
This is an instruction-only skill with no install spec or code to write to disk, which is low risk. The SKILL.md declares curl as required (reasonable given curl examples), but the registry metadata omitted this — the mismatch is a minor integrity concern.
Credentials
The skill does not request environment variables, credentials, or config paths. That is proportionate to a read-only aggregator API.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent privileges or modify other agent settings. Autonomous invocation is allowed (platform default) but not combined with other privilege escalations.
What to consider before installing
This skill appears to do what it says (query a cached list of 小红书 official accounts/notes), but before installing or invoking it: 1) Verify the service host (119.29.63.139) — no homepage or source is provided, so confirm who runs that IP and whether it's trustworthy. 2) Manually test the endpoints (curl http://119.29.63.139/health) from a safe environment to see responses and headers. 3) Avoid sending any sensitive or private data in query parameters (note_desc, note_account) because those will be sent to a third-party IP. 4) Ask the publisher for a homepage/source repo and for clarification about the curl requirement (registry metadata vs SKILL.md mismatch). 5) If you need stronger assurance, prefer skills backed by an official domain or published source code; block or isolate network access if you must limit communications to unknown external hosts.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ckrpqm76kqerbc7085kncjd84t9j5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments