xhs-smart-publisher

SUSPICIOUS: The core browser automation matches the stated Xiaohongshu publishing purpose, and the target platform/domain is official. The main issue is data flow: screenshots and status are sent to a fixed Telegram channel, which is unnecessary for the task and exposes user content outside Xiaohongshu. Real-world posting capability also raises risk even with a confirmation gate.