中文 EN

扫描报告

扫描新文件

可信 — 风险评分 10/100
上次扫描:19 小时前 重新扫描
10 /100
xhs-autopilot
Full-autonomous Xiaohongshu (Little Red Book/RED) AI-native content system. 30-min operation loop with self-improvement, multi-modal content generation, and automated publishing.
Documentation-only skill package for Xiaohongshu social media automation with no executable code present and no malicious indicators found.
技能名称xhs-autopilot
分析耗时34.0s
引擎pi
可以安装
This is a documentation package with no actual scripts. Verify script availability before deployment.

安全发现 1 项

严重性 安全发现 位置
低危
Referenced scripts not present in package 文档欺骗
SKILL.md lists multiple scripts (search/run.py, cover/run.py, publish/run.py, etc.) as available tools, but none of these files exist in the package. This is either a documentation template or the scripts were removed.
scripts/search/run.py, scripts/cover/run.py, scripts/publish/run.py
→ Verify that scripts exist before execution or clarify that this is documentation-only
 SKILL.md:1
资源类型声明权限推断权限状态证据
文件系统 NONE NONE No scripts to infer filesystem access
网络访问 READ READ ✓ 一致 Documentation mentions WebFetch/web requests for research
命令执行 NONE NONE References bash commands but no scripts present
浏览器 WRITE WRITE ✓ 一致 CDP browser control via localhost:9222 is documented
1 项发现
🔗
中危 外部 URL 外部 URL
https://creator.xiaohongshu.com/publish/publish
references/develop_protocol/DEVELOPER_BIBLE.md:110

目录结构

3 文件 · 14.2 KB · 490 行
Markdown 2f · 489L JSON 1f · 1L
├─ 📁 references
│ └─ 📁 develop_protocol
│ └─ 📝 DEVELOPER_BIBLE.md Markdown 216L · 6.9 KB
├─ 📋 _meta.json JSON 1L · 362 B
└─ 📝 SKILL.md Markdown 273L · 6.9 KB

安全亮点

✓ All browser automation capabilities are thoroughly documented
✓ Anti-detection measures (human-like delays, viewport traps) are well-specified
✓ No obfuscation or suspicious encoding patterns detected
✓ No credential harvesting or data exfiltration mentioned
✓ Memory architecture provides good separation of concerns
✓ Exit codes and status tags provide clear observability