xiaohongshu-auto-posting
Warn
Audited by Socket on Jun 13, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill is broadly coherent with its stated Xiaohongshu automation purpose and routes actions to the official platform, but it carries medium risk because it installs and trusts an external browser automation CLI, uses a logged-in stealth browser session, processes untrusted platform content, and can take real-world posting/reply actions. This looks more like a high-impact automation skill than malware, but it requires substantial execution trust.
Confidence: 100%Severity: 60%
Audit Metadata