xiaohongshu-account-recommender

SUSPICIOUS. The skill’s general purpose is plausible, but its real data flow is misaligned: instead of using an official Xiaohongshu API, it sends queries to an unrelated third-party domain with unusual no-SNI manual HTTPS behavior. Local report generation is proportionate, but the external endpoint and transport design make the overall skill medium-high risk.