xiaohongshu-publisher
Audited by Socket on Feb 13, 2026
2 alerts found:
Malware
filesystemAccess

[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4]

No evidence in the provided materials of intentional malware, obfuscated backdoors, or exfiltration to third-party domains. The package implements expected automation flows: parsing local markdown, uploading local image files via a user-run Chrome session, and interacting with the Xiaohongshu web UI.

The primary security risk is operational: enabling Chrome remote debugging (CDP) exposes a powerful control surface that can be abused by local or networked attackers and grants high privileges via the logged-in browser session. Treat CDP mode as high-risk: restrict port exposure (bind to localhost), run only on trusted machines, and verify the agent-browser tool and local scripts before granting access. If you need lower-risk automation, prefer official APIs or ephemeral, least-privilege browser profiles.

LLM verification: The skill's documented capabilities match its stated purpose (automating Xiaohongshu posting via an existing browser session). There is no direct evidence of intentionally malicious behavior in the provided documentation, but there are notable security risks: granting CDP access to a running browser is powerful (can access cookies, DOM, and drive arbitrary pages), pip installs are unpinned (minor supply-chain risk), and helper scripts' source code was not provided for inspection (audit gap). Tre