xhs-search-workflow

SUSPICIOUS: the skill is internally coherent for an XHS scraping/export workflow and appears to call Xiaohongshu directly, but it handles raw session cookies, persists local auth, and relies on third-party reverse-engineered signing/auth logic through an undisclosed setup script. Risk is driven more by sensitive credential handling and unverifiable install details than by clear malware or credential exfiltration.