RedBookSkills
Audited by Socket on Mar 14, 2026
2 alerts found:
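Obfuscated File
Anomaly
Based on the currently visible implementation, there are several high-priority stability and security risks, in particular a logic flaw in scheduled publishing, pagination parameters that have no actual effect, insufficient isolation between accounts and Chrome ports, and text concatenation that garbles content. If the goal is long-term, cross-account automated operation, priority should go to fixing the timedelta import and the pagination behavior, strengthening the binding between ports and accounts, adding timeouts and robust handling to CDP communication, and switching to a safe method of writing text. Overall risk is medium to high; the probability of malware is low, but the stability and security risks are notably elevated.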
SUSPICIOUS. The skill is broadly aligned with Xiaohongshu automation, so it is not fundamentally deceptive, and the install path is ordinary Python dependencies rather than an unverifiable binary. However, it enables direct real-world actions on a social account (publishing, commenting, liking, bookmarking) and supports remote CDP control, which increases impact if misused. Data appears to flow to Xiaohongshu through browser automation rather than a third-party credential-harvesting proxy, but the overall scope is still medium risk because the agent can take authenticated account actions and scrape account data.