ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawnote

v0.1.1

Review-first Xiaohongshu/Rednote content ops for OpenClaw. Use when creating a repeatable workflow for topic research, draft generation, Feishu review, exact...

0· 345·1 current·1 all-time
by@zhangifonly

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for zhangifonly/clawnote.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Clawnote" (zhangifonly/clawnote) from ClawHub.
Skill page: https://clawhub.ai/zhangifonly/clawnote
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install clawnote

ClawHub CLI

Package manager switcher

npx clawhub@latest install clawnote
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (Xiaohongshu/Rednote content ops, review-first publish flow) matches the included files and scripts: research → draft → publish-assist is implemented via provided templates and helper scripts. Requiring a local Xiaohongshu toolkit and a Feishu review target is consistent with the described purpose, but those requirements are not declared in the skill metadata.
Instruction Scope
SKILL.md and workspace templates instruct the agent to read local template files, generate draft/publish packages, save them under .openclaw/pending-xhs or memory/, and call bundled scripts (preview or live publish). The scripts may invoke an external toolkit (xhs_toolkit.py) which can execute arbitrary actions including network publishing; this is expected for a publish-assist skill but deserves user attention.
Install Mechanism
There is no install spec (instruction-only) and no remote download/installer. The code files are bundled as templates/scripts; nothing is written to disk by an installer during skill install. This is lower-risk than arbitrary remote downloads.
!
Credentials
The repository and scripts require environment vars (README and TOOLS.md mention XHS_TOOLKIT_ROOT and XHS_REVIEW_OPEN_ID; publish_approved_note.py exits if XHS_TOOLKIT_ROOT is unset). However, the skill metadata lists no required env vars or primary credential. That mismatch is problematic: the skill will fail or behave unexpectedly unless you set env vars, and the skill metadata does not surface that it expects access to a local toolkit directory which could contain credentials or browser profile data.
Persistence & Privilege
always is false and the skill does not request permanent platform-wide presence. The scripts create local files (.openclaw/pending-xhs, memory/, temporary Chrome profile dirs) within the workspace — this is expected for a content-ops template and limited in scope.
What to consider before installing
This skill appears to implement exactly the Xiaohongshu review→publish workflow it advertises, but it omits important operational details in its metadata. Before installing or running: 1) Understand and set the required environment variables (notably XHS_TOOLKIT_ROOT and XHS_REVIEW_OPEN_ID) in a safe way — do not put unrelated secrets there. 2) Inspect the external toolkit (xhs_toolkit.py) referenced by XHS_TOOLKIT_ROOT — the publish script launches that tool and it can do network actions (posting, deleting). Only point XHS_TOOLKIT_ROOT at code you trust. 3) Be aware the scripts write local files (.openclaw/pending-xhs, memory/) and create a temporary Chrome profile when publishing; run in a workspace where this is acceptable. 4) Keep the default review-first behavior: do not enable live publish unless you explicitly approve each title. If you need this skill to be accepted into a registry, ask the author to declare required env vars and to document the exact trust assumptions for the external toolkit; that transparency would resolve the main concern.

Like a lobster shell, security has layers — review code before you run it.

latestvk9757kha8v9y38zpbqk590bnsh82h5v0
345downloads
0stars
1versions
Updated 13h ago
v0.1.1
MIT-0
@zhangifonly
latest
Download

Clawnote

Use this skill when the goal is to build or run a Xiaohongshu content workflow inside OpenClaw.

This skill is for:

  • daily AI news + OpenClaw practice drafts
  • Feishu-first review flow
  • Xiaohongshu-style rewriting
  • exact-title approval before publish
  • memory + cron driven content ops

What To Read

Start with:

  • workspace-template/AGENTS.md
  • workspace-template/SOUL.md
  • workspace-template/TOOLS.md

Read these when needed:

  • workspace-template/PUBLISH_ASSIST.md for publish rules
  • workspace-template/FEISHU_COMMANDS.md for user command patterns
  • docs/SAFETY.md for risk boundaries

Workflow

Follow this order:

  1. xhs-research
  2. xhs-draft
  3. xhs-publish-assist

Default mode is review-first, not auto-publish.

Bundled Scripts

Use these scripts instead of rewriting them:

  • workspace-template/scripts/save_publish_package.py
  • workspace-template/scripts/build_publish_package.py
  • workspace-template/scripts/publish_approved_note.py
  • workspace-template/scripts/write_memory_entry.py

Important Safety Rules

  • Do not publish without explicit user approval.
  • Treat deletion as a separate high-risk action.
  • Do not assume archive-to-draft works unless it has been re-verified for the current Xiaohongshu UI.
  • Prefer exact-match title confirmation over fuzzy matching.

Comments

Loading comments...