xiaohongshu

SUSPICIOUS: the skill’s core purpose is coherent, but it combines third-party code execution from an unrelated GitHub repo with autonomous public posting and engagement actions through a logged-in browser profile. The main concerns are supply-chain trust and high-risk real-world actions, not confirmed malware or credential theft.