xiaohongshu-data
Audited by Socket on Feb 16, 2026
1 alert found:
Obfuscated File: The skill's function (searching and analyzing Xiaohongshu content) is plausible and legitimate, but the documented deployment pattern is high risk. It instructs users to provide a full browser session cookie and runs an unpinned third-party package via npx, which together create a supply-chain and credential-exposure vulnerability. There is no direct evidence of malware in the provided documentation, but the design choices could enable credential theft or account compromise if the MCP package or its dependencies are malicious or compromised.
Recommended mitigations:
- do not paste full session cookies;
- require pinned package versions and verify source code;
- prefer scoped API tokens or dedicated low-privilege accounts;
- require disclosure of network endpoints and logging/persistence behavior;
- audit the MCP package code and dependency tree before use.