小红书笔记创作技能

小红书笔记素材创作技能。当用户需要创建小红书笔记素材时使用这个技能。技能包含：根据用户的需求和提供的资料，撰写小红书笔记内容（标题+正文），生成图片卡片（封面+正文卡片），以及发布小红书笔记。

This skill appears to implement the advertised rendering and (optional) publish flows, but there are several things to check before installing or running it: - Metadata mismatch: the registry lists no env vars or install steps, yet the repository requires Python/Node dependencies and (for publishing) an XHS cookie. Treat that as a sign to inspect/install dependencies manually rather than trusting automatic plumbing. - Sensitive credential handling: publishing requires your Xiaohongshu session cookie. Never paste that into public places. Prefer keeping it in a local, encrypted secret store (not shared agent memory) and audit publish_xhs.py to confirm it only talks to Xiaohongshu and does not leak the cookie elsewhere. - Memory use: SKILL.md suggests saving the cookie into agent memory and retrieving it (memory_search). Only permit that if you understand how your agent stores and protects memory — agent memory can persist across sessions and may be accessible to other skills or logs. - Audit the publish script: before using publish functionality, open scripts/publish_xhs.py and confirm it uses a legitimate xhs client or official endpoints, and that it does not POST your cookie to any third-party servers. Also search code for unexpected network endpoints, logging of secrets, or obfuscated logic. - Install dependencies deliberately: follow the README to install requirements (pip install -r requirements.txt, npm install) and playwright browsers in a controlled environment (preferably an isolated VM or container) if you will render or publish. - Least privilege: if you must provide a cookie, consider creating a throwaway account or only use publish in dry-run mode until you trust the code. If you want, I can: - Highlight the exact lines in scripts/publish_xhs.py that access network endpoints and where the cookie is used, or - Summarize requirements.txt and package.json to list the packages you will need to install and any potential risky dependencies.

Type: OpenClaw Skill Name: xhs-note-creator Version: 2.0.0 The skill is classified as suspicious due to two main indicators. First, `scripts/publish_xhs.py` includes an `--api-mode` that can send the sensitive `XHS_COOKIE` (retrieved from `.env`) to an arbitrary API endpoint specified by `--api-url`. While it defaults to `http://localhost:5005`, this capability presents a critical vulnerability for credential exfiltration if an attacker can manipulate the agent to provide a malicious URL. Second, `scripts/comment_manager.py` contains a `while True` loop in its `auto_reply` function, which could lead to resource exhaustion if not properly managed by the agent runtime, and directly passes user-controlled comment content to the XHS API, posing a potential content injection risk (e.g., XSS if the platform is vulnerable). These are risky capabilities that could be exploited, but the code does not show clear evidence of intentional malicious behavior.