zhihu-post

Fail

Audited by Socket on Mar 5, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

This package is an automation 'skill' for posting to Zhihu by controlling a user's Chrome via a Browser Relay. The code/instructions do not contain explicit malware, obfuscated payloads, or remote command-and-control. However, the required capabilities (full control of an attached Chrome session and the ability to read a local upload directory) are high-risk: they allow publishing as the user and can be repurposed to exfiltrate files or perform other actions with the user's authenticated session. Recommend: (1) treat the Browser Relay extension as a high-trust component and audit it before use, (2) require explicit, per-action human confirmation before any publish/upload operation, (3) restrict and validate allowed upload file types and paths, and (4) log and surface every automated action to the user for review.

Confidence: 98%

Audit Metadata

Analyzed At: Mar 5, 2026, 08:02 AM
Package URL: pkg:socket/skills-sh/aAAaqwq%2FAGI-Super-Skills%2Fzhihu-post%2F@38bd453421a32d2b816d77347c607469b2b5066d