Low Risk — Risk Score 20/100
Last scan: 1 day ago
xhs-publisher
General-purpose Xiaohongshu auto-posting skill. Fully automated pipeline: AI generates the post content → generates a cover image (6 style templates) → Puppeteer publishes automatically to the Xiaohongshu Creator Center.
A legitimate Xiaohongshu auto-posting tool using Puppeteer for browser automation, with a hardcoded placeholder IP and minor doc gaps, but no evidence of malicious behavior.
Skill Name: xhs-publisher
Duration: 49.0s
Engine: pi
Safe to install
Approve for use with normal precautions. Replace the hardcoded placeholder IP (122.0.0.0) with a documented test value or constant. Consider documenting the npm install capability in SKILL.md.

Findings 3 items

Severity | Finding | Category | Location

Low | Hardcoded placeholder IP address in source | Doc Mismatch
Line 641 of xhs_publisher.js contains the hardcoded IP '122.0.0.0'. While this appears to be an unroutable placeholder value (not a real IP), hardcoding IPs is a high-risk indicator and warrants replacement with a named constant.
Evidence: await page.goto('https://creator.xiaohongshu.com/publish/publish?source=official', { waitUntil: 'networkidle2', timeout: 30000 });
→ Replace with a named constant (e.g., const XHS_PUBLISH_URL = 'https://creator.xiaohongshu.com/...') for clarity. The actual URL at line 644 is legitimate.
Location: scripts/xhs_publisher.js:641

Low | Font download and npm install in setup.md not declared in SKILL.md | Doc Mismatch
references/setup.md instructs users to run 'npm install puppeteer' and use wget to download fonts from GitHub. These runtime environment setup steps are not declared in SKILL.md's capability section. This is a minor documentation gap — the steps are legitimate system configuration, not runtime behavior of the skill itself.
Evidence: npm install puppeteer
Evidence: wget -O ~/.fonts/NotoSansSC-Regular.otf ...
→ Add a brief 'Prerequisites' section to SKILL.md noting the need for Node.js, npm, and the Noto Sans SC font.
Location: references/setup.md:1

Low | Tencent npm mirror in package-lock.json | Supply Chain
package-lock.json resolves dependencies from mirrors.tencent.com rather than the official npm registry. This is a benign configuration for users in China but introduces a third-party registry dependency.
Evidence: https://mirrors.tencent.com/npm/@babel/code-frame/-/code-frame-7.29.0.tgz
→ Document the registry dependency or consider pinning to a known-good registry for supply chain transparency.
Location: scripts/package-lock.json:13
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | fs.writeFileSync, fs.readFileSync, fs.mkdirSync — used for session storage and c…
Network | READ | READ | ✓ Aligned | Puppeteer navigates to creator.xiaohongshu.com via browser automation — consiste…
Shell | NONE | NONE | | No shell command execution found; no subprocess, execSync, or shell spawning
Browser | WRITE | WRITE | ✓ Aligned | Full Puppeteer browser control declared via publishPost/generateCoverImage; all …
Environment | NONE | READ | ✓ Aligned | process.env.XHS_PROFILE_DIR and os.homedir() accessed for session paths; no cred…
Skill Invoke | NONE | NONE | | No cross-skill invocation detected
Clipboard | NONE | NONE | | No clipboard access found
Database | NONE | NONE | | No database access
1 High · 103 findings

Severity | Type | Value | Location
High | IP Address (hardcoded IP address) | 122.0.0.0 | scripts/xhs_publisher.js:641
Medium | External URL | https://mirrors.tencent.com/npm/@babel/code-frame/-/code-frame-7.29.0.tgz | scripts/package-lock.json:13
Medium | External URL | https://mirrors.tencent.com/npm/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz | scripts/package-lock.json:26
Medium | External URL | https://mirrors.tencent.com/npm/@puppeteer/browsers/-/browsers-2.13.0.tgz | scripts/package-lock.json:35
Medium | External URL | https://mirrors.tencent.com/npm/@tootallnate/quickjs-emscripten/-/quickjs-emscripten-0.23.0.tgz | scripts/package-lock.json:56
Medium | External URL | https://mirrors.tencent.com/npm/@types/node/-/node-25.5.2.tgz | scripts/package-lock.json:62
Medium | External URL | https://mirrors.tencent.com/npm/@types/yauzl/-/yauzl-2.10.3.tgz | scripts/package-lock.json:71
Medium | External URL | https://mirrors.tencent.com/npm/agent-base/-/agent-base-7.1.4.tgz | scripts/package-lock.json:81
Medium | External URL | https://mirrors.tencent.com/npm/ansi-regex/-/ansi-regex-5.0.1.tgz | scripts/package-lock.json:90
Medium | External URL | https://mirrors.tencent.com/npm/ansi-styles/-/ansi-styles-4.3.0.tgz | scripts/package-lock.json:98
Medium | External URL | https://mirrors.tencent.com/npm/argparse/-/argparse-2.0.1.tgz | scripts/package-lock.json:113
Medium | External URL | https://mirrors.tencent.com/npm/ast-types/-/ast-types-0.13.4.tgz | scripts/package-lock.json:118
Medium | External URL | https://mirrors.tencent.com/npm/b4a/-/b4a-1.8.0.tgz | scripts/package-lock.json:130
Medium | External URL | https://mirrors.tencent.com/npm/bare-events/-/bare-events-2.8.2.tgz | scripts/package-lock.json:144
Medium | External URL | https://mirrors.tencent.com/npm/bare-fs/-/bare-fs-4.6.0.tgz | scripts/package-lock.json:158
Medium | External URL | https://mirrors.tencent.com/npm/bare-os/-/bare-os-3.8.7.tgz | scripts/package-lock.json:182
Medium | External URL | https://mirrors.tencent.com/npm/bare-path/-/bare-path-3.0.0.tgz | scripts/package-lock.json:191
Medium | External URL | https://mirrors.tencent.com/npm/bare-stream/-/bare-stream-2.12.0.tgz | scripts/package-lock.json:200
Medium | External URL | https://mirrors.tencent.com/npm/bare-url/-/bare-url-2.4.0.tgz | scripts/package-lock.json:226
Medium | External URL | https://mirrors.tencent.com/npm/basic-ftp/-/basic-ftp-5.2.0.tgz | scripts/package-lock.json:235
Medium | External URL | https://mirrors.tencent.com/npm/buffer-crc32/-/buffer-crc32-0.2.13.tgz | scripts/package-lock.json:244
Medium | External URL | https://mirrors.tencent.com/npm/callsites/-/callsites-3.1.0.tgz | scripts/package-lock.json:253
Medium | External URL | https://mirrors.tencent.com/npm/chromium-bidi/-/chromium-bidi-14.0.0.tgz | scripts/package-lock.json:262
Medium | External URL | https://mirrors.tencent.com/npm/cliui/-/cliui-8.0.1.tgz | scripts/package-lock.json:275
Medium | External URL | https://mirrors.tencent.com/npm/color-convert/-/color-convert-2.0.1.tgz | scripts/package-lock.json:288
Medium | External URL | https://mirrors.tencent.com/npm/color-name/-/color-name-1.1.4.tgz | scripts/package-lock.json:300
Medium | External URL | https://mirrors.tencent.com/npm/cosmiconfig/-/cosmiconfig-9.0.1.tgz | scripts/package-lock.json:305
Medium | External URL | https://mirrors.tencent.com/npm/data-uri-to-buffer/-/data-uri-to-buffer-6.0.2.tgz | scripts/package-lock.json:330
Medium | External URL | https://mirrors.tencent.com/npm/debug/-/debug-4.4.3.tgz | scripts/package-lock.json:339
Medium | External URL | https://mirrors.tencent.com/npm/degenerator/-/degenerator-5.0.1.tgz | scripts/package-lock.json:355
Medium | External URL | https://mirrors.tencent.com/npm/devtools-protocol/-/devtools-protocol-0.0.1581282.tgz | scripts/package-lock.json:369
Medium | External URL | https://mirrors.tencent.com/npm/emoji-regex/-/emoji-regex-8.0.0.tgz | scripts/package-lock.json:375
Medium | External URL | https://mirrors.tencent.com/npm/end-of-stream/-/end-of-stream-1.4.5.tgz | scripts/package-lock.json:381
Medium | External URL | https://mirrors.tencent.com/npm/env-paths/-/env-paths-2.2.1.tgz | scripts/package-lock.json:390
Medium | External URL | https://mirrors.tencent.com/npm/error-ex/-/error-ex-1.3.4.tgz | scripts/package-lock.json:399
Medium | External URL | https://mirrors.tencent.com/npm/escalade/-/escalade-3.2.0.tgz | scripts/package-lock.json:407
Medium | External URL | https://mirrors.tencent.com/npm/escodegen/-/escodegen-2.1.0.tgz | scripts/package-lock.json:416
Medium | External URL | https://mirrors.tencent.com/npm/esprima/-/esprima-4.0.1.tgz | scripts/package-lock.json:436
Medium | External URL | https://mirrors.tencent.com/npm/estraverse/-/estraverse-5.3.0.tgz | scripts/package-lock.json:449
Medium | External URL | https://mirrors.tencent.com/npm/esutils/-/esutils-2.0.3.tgz | scripts/package-lock.json:457
Medium | External URL | https://mirrors.tencent.com/npm/events-universal/-/events-universal-1.0.1.tgz | scripts/package-lock.json:466
Medium | External URL | https://mirrors.tencent.com/npm/extract-zip/-/extract-zip-2.0.1.tgz | scripts/package-lock.json:474
Medium | External URL | https://mirrors.tencent.com/npm/fast-fifo/-/fast-fifo-1.3.2.tgz | scripts/package-lock.json:494
Medium | External URL | https://mirrors.tencent.com/npm/fd-slicer/-/fd-slicer-1.1.0.tgz | scripts/package-lock.json:500
Medium | External URL | https://mirrors.tencent.com/npm/get-caller-file/-/get-caller-file-2.0.5.tgz | scripts/package-lock.json:509
Medium | External URL | https://mirrors.tencent.com/npm/get-stream/-/get-stream-5.2.0.tgz | scripts/package-lock.json:518
Medium | External URL | https://mirrors.tencent.com/npm/get-uri/-/get-uri-6.0.5.tgz | scripts/package-lock.json:532
Medium | External URL | https://mirrors.tencent.com/npm/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz | scripts/package-lock.json:546
Medium | External URL | https://mirrors.tencent.com/npm/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz | scripts/package-lock.json:559
Medium | External URL | https://mirrors.tencent.com/npm/import-fresh/-/import-fresh-3.3.1.tgz | scripts/package-lock.json:571
Medium | External URL | https://mirrors.tencent.com/npm/ip-address/-/ip-address-10.1.0.tgz | scripts/package-lock.json:586
Medium | External URL | https://mirrors.tencent.com/npm/is-arrayish/-/is-arrayish-0.2.1.tgz | scripts/package-lock.json:594
Medium | External URL | https://mirrors.tencent.com/npm/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz | scripts/package-lock.json:600
Medium | External URL | https://mirrors.tencent.com/npm/js-tokens/-/js-tokens-4.0.0.tgz | scripts/package-lock.json:609
Medium | External URL | https://mirrors.tencent.com/npm/js-yaml/-/js-yaml-4.1.1.tgz | scripts/package-lock.json:614
Medium | External URL | https://mirrors.tencent.com/npm/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz | scripts/package-lock.json:626
Medium | External URL | https://mirrors.tencent.com/npm/lines-and-columns/-/lines-and-columns-1.2.4.tgz | scripts/package-lock.json:632
Medium | External URL | https://mirrors.tencent.com/npm/lru-cache/-/lru-cache-7.18.3.tgz | scripts/package-lock.json:638
Medium | External URL | https://mirrors.tencent.com/npm/mitt/-/mitt-3.0.1.tgz | scripts/package-lock.json:647
Medium | External URL | https://mirrors.tencent.com/npm/ms/-/ms-2.1.3.tgz | scripts/package-lock.json:653
Medium | External URL | https://mirrors.tencent.com/npm/netmask/-/netmask-2.0.2.tgz | scripts/package-lock.json:659
Medium | External URL | https://mirrors.tencent.com/npm/once/-/once-1.4.0.tgz | scripts/package-lock.json:668
Medium | External URL | https://mirrors.tencent.com/npm/pac-proxy-agent/-/pac-proxy-agent-7.2.0.tgz | scripts/package-lock.json:677
Medium | External URL | https://mirrors.tencent.com/npm/pac-resolver/-/pac-resolver-7.0.1.tgz | scripts/package-lock.json:696
Medium | External URL | https://mirrors.tencent.com/npm/parent-module/-/parent-module-1.0.1.tgz | scripts/package-lock.json:709
Medium | External URL | https://mirrors.tencent.com/npm/parse-json/-/parse-json-5.2.0.tgz | scripts/package-lock.json:720
Medium | External URL | https://mirrors.tencent.com/npm/pend/-/pend-1.2.0.tgz | scripts/package-lock.json:738
Medium | External URL | https://mirrors.tencent.com/npm/picocolors/-/picocolors-1.1.1.tgz | scripts/package-lock.json:743
Medium | External URL | https://mirrors.tencent.com/npm/progress/-/progress-2.0.3.tgz | scripts/package-lock.json:748
Medium | External URL | https://mirrors.tencent.com/npm/proxy-agent/-/proxy-agent-6.5.0.tgz | scripts/package-lock.json:756
Medium | External URL | https://mirrors.tencent.com/npm/proxy-from-env/-/proxy-from-env-1.1.0.tgz | scripts/package-lock.json:775
Medium | External URL | https://mirrors.tencent.com/npm/pump/-/pump-3.0.4.tgz | scripts/package-lock.json:781
Medium | External URL | https://mirrors.tencent.com/npm/puppeteer/-/puppeteer-24.40.0.tgz | scripts/package-lock.json:790
Medium | External URL | https://mirrors.tencent.com/npm/puppeteer-core/-/puppeteer-core-24.40.0.tgz | scripts/package-lock.json:811
Medium | External URL | https://mirrors.tencent.com/npm/require-directory/-/require-directory-2.1.1.tgz | scripts/package-lock.json:829
Medium | External URL | https://mirrors.tencent.com/npm/resolve-from/-/resolve-from-4.0.0.tgz | scripts/package-lock.json:838
Medium | External URL | https://mirrors.tencent.com/npm/semver/-/semver-7.7.4.tgz | scripts/package-lock.json:847
Medium | External URL | https://mirrors.tencent.com/npm/smart-buffer/-/smart-buffer-4.2.0.tgz | scripts/package-lock.json:858
Medium | External URL | https://mirrors.tencent.com/npm/socks/-/socks-2.8.7.tgz | scripts/package-lock.json:868
Medium | External URL | https://mirrors.tencent.com/npm/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz | scripts/package-lock.json:882
Medium | External URL | https://mirrors.tencent.com/npm/source-map/-/source-map-0.6.1.tgz | scripts/package-lock.json:896
Medium | External URL | https://mirrors.tencent.com/npm/streamx/-/streamx-2.25.0.tgz | scripts/package-lock.json:906
Medium | External URL | https://mirrors.tencent.com/npm/string-width/-/string-width-4.2.3.tgz | scripts/package-lock.json:917
Medium | External URL | https://mirrors.tencent.com/npm/strip-ansi/-/strip-ansi-6.0.1.tgz | scripts/package-lock.json:930
Medium | External URL | https://mirrors.tencent.com/npm/tar-fs/-/tar-fs-3.1.2.tgz | scripts/package-lock.json:941
Medium | External URL | https://mirrors.tencent.com/npm/tar-stream/-/tar-stream-3.1.8.tgz | scripts/package-lock.json:955
Medium | External URL | https://mirrors.tencent.com/npm/teex/-/teex-1.0.1.tgz | scripts/package-lock.json:967
Medium | External URL | https://mirrors.tencent.com/npm/text-decoder/-/text-decoder-1.2.7.tgz | scripts/package-lock.json:975
Medium | External URL | https://mirrors.tencent.com/npm/tslib/-/tslib-2.8.1.tgz | scripts/package-lock.json:984
Medium | External URL | https://mirrors.tencent.com/npm/typed-query-selector/-/typed-query-selector-2.12.1.tgz | scripts/package-lock.json:990
Medium | External URL | https://mirrors.tencent.com/npm/undici-types/-/undici-types-7.18.2.tgz | scripts/package-lock.json:996
Medium | External URL | https://mirrors.tencent.com/npm/webdriver-bidi-protocol/-/webdriver-bidi-protocol-0.4.1.tgz | scripts/package-lock.json:1003
Medium | External URL | https://mirrors.tencent.com/npm/wrap-ansi/-/wrap-ansi-7.0.0.tgz | scripts/package-lock.json:1009
Medium | External URL | https://mirrors.tencent.com/npm/wrappy/-/wrappy-1.0.2.tgz | scripts/package-lock.json:1025
Medium | External URL | https://mirrors.tencent.com/npm/ws/-/ws-8.20.0.tgz | scripts/package-lock.json:1031
Medium | External URL | https://mirrors.tencent.com/npm/y18n/-/y18n-5.0.8.tgz | scripts/package-lock.json:1052
Medium | External URL | https://mirrors.tencent.com/npm/yargs/-/yargs-17.7.2.tgz | scripts/package-lock.json:1060
Medium | External URL | https://mirrors.tencent.com/npm/yargs-parser/-/yargs-parser-21.1.1.tgz | scripts/package-lock.json:1078
Medium | External URL | https://mirrors.tencent.com/npm/yauzl/-/yauzl-2.10.0.tgz | scripts/package-lock.json:1087
Medium | External URL | https://mirrors.tencent.com/npm/zod/-/zod-3.25.76.tgz | scripts/package-lock.json:1097
Medium | External URL | https://creator.xiaohongshu.com/login | scripts/xhs_publisher.js:510
Medium | External URL | https://creator.xiaohongshu.com/publish/publish?source=official | scripts/xhs_publisher.js:644
Medium | External URL | https://creator.xiaohongshu.com | scripts/xhs_publisher.js:660

File Tree

6 files · 82.0 KB · 2186 lines
JSON: 2 files · 1117 lines | JavaScript: 1 file · 776 lines | Markdown: 3 files · 293 lines
├─ 📁 references
│ ├─ 📝 posting-guide.md Markdown 85L · 2.9 KB
│ └─ 📝 setup.md Markdown 79L · 2.0 KB
├─ 📁 scripts
│ ├─ 📋 package-lock.json JSON 1105L · 39.9 KB
│ ├─ 📋 package.json JSON 12L · 277 B
│ └─ 📜 xhs_publisher.js JavaScript 776L · 32.0 KB
└─ 📝 SKILL.md Markdown 129L · 4.9 KB

Dependencies 2 items

Package | Version | Source | Known Vulns | Notes
puppeteer | ^24.40.0 | npm | No | Latest stable; major version pinned but minor not pinned
ws | 8.20.0 | npm | No | Transitive dependency via puppeteer-core; known CVE-2024-37890 mitigated by version range in lockfile

Security Positives

✓ Content safety filtering is well-implemented with regex patterns blocking hate speech, incitement, and biased characterizations
✓ Session data stored locally in ~/.openclaw-sessions/xiaohongshu/ with no exfiltration observed
✓ Puppeteer browser automation is a legitimate, widely-used tool appropriate for the stated use case
✓ No credential harvesting or environment variable iteration for sensitive keys detected
✓ No base64-encoded payloads, eval(), or obfuscated code paths
✓ No reverse shell, C2 communication, or data exfiltration endpoints
✓ Hardcoded IP 122.0.0.0 is an unroutable placeholder, not an active threat
✓ Verified login flow uses user-supplied phone + OTP with explicit askCodeFn callback — credentials never stored in code
✓ UserDataDir isolation per session prevents cross-contamination
✓ Screenshot capture on failure is scoped to /tmp and workspace directory only