xiaohongshu-workflow

SUSPICIOUS: the skill’s purpose matches social-media operations, but its footprint is high-risk. It asks the agent to install third-party binaries and a cloned downloader, handle raw session cookies, transfer those cookies to servers, export account data into long-lived memory, and perform public posting/commenting actions. These behaviors are broadly consistent with the stated purpose, so this is not confirmed malware, but the credential handling, supply-chain exposure, and autonomous public-action scope make it a high-risk skill.