Tracked packageView full profile for xiaohongshu-mcp →

MCPSafe.io

Security pre-install checks for MCP servers.

Mostly safe — a couple of notes worth reading.

Compare to another server

github · xiaohongshu-mcpHEAD

Item: xiaohongshu-mcp
Rating: 4
Author: MCPSafe

Scanned 5/3/2026, 6:58:35 PM·Cached result·Fast Scan·45 rules·How we decide ↗

AIVSS Score

3.2/ 10

Low

Severity Breakdown

critical

high

medium

low

MCP Server Information

Packagexiaohongshu-mcp

VersionHEAD

SourceGITHUB

Publisherxpzouying

Package age9mo

Stars13.2K

Downloads/wk—

Dependencies0

Homepagehttps://www.haha.ai/xiaohongshu-mcp

Repositoryhttps://github.com/xpzouying/xiaohongshu-mcp

Findings

Showing 1–30 of 32 findings

medium (20)

low (10)

«‹

32 findings

medium (22)

AIVSS 3.2CVSS 4.4

Dockerfile never sets a non-root `USER` directive, so the CMD runs as root by default. Any RCE or library-level vulnerability exploited inside this container gets full privileges (MCP Top-10 R3). Add `USER <non-root>` before CMD / ENTRYPOINT in the final stage — e.g. `USER 1000`, `USER nobody`, or `USER nonroot` on distroless.

Evidence

# ---- build stage ----
FROM golang:1.24 AS builder

WORKDIR /src
# 配置 Go 模块代理为国内源
ENV GOPROXY=https://goproxy.cn,direct
ENV GOSUMDB=sum.golang.google.cn

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o /out/app .

# ---- run stage ----
FROM ubuntu:22.04

# 设置时区
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

WORKDIR /app

# 1. 先安装必要工具，然后配置阿里云镜像源
RUN apt-get update && a

Remediation

Create and switch to a non-root user before the CMD / ENTRYPOINT: RUN adduser --system --uid 1000 app USER 1000 Or reuse the base image's shipped non-root account (e.g. `USER nobody`, `USER nonroot` on distroless). Multi-stage builds only need the USER directive in the final stage.

1	# ---- build stage ----
2	FROM golang:1.24 AS builder
3
4	WORKDIR /src
5	# 配置 Go 模块代理为国内源
6	ENV GOPROXY=https://goproxy.cn,direct
7	ENV GOSUMDB=sum.golang.google.cn
8
9	COPY go.mod go.sum ./
10	RUN go mod download
11
12	COPY . .
13	RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o /out/app .
14
15	# ---- run stage ----
16	FROM ubuntu:22.04
17
18	# 设置时区
19	ENV TZ=Asia/Shanghai
20	RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
21
22	WORKDIR /app
23
24	# 1. 先安装必要工具，然后配置阿里云镜像源
25	RUN apt-get update && a

1	# Dockerfile for ARM64 architecture
2	# This Dockerfile uses Chromium (auto-downloaded by go-rod) instead of Google Chrome
3	# because Google Chrome does not provide official Linux ARM64 builds.
4
5	# ---- build stage ----
6	FROM golang:1.24 AS builder
7
8	WORKDIR /src
9	# 配置 Go 模块代理为国内源
10	ENV GOPROXY=https://goproxy.cn,direct
11	ENV GOSUMDB=sum.golang.google.cn
12
13	COPY go.mod go.sum ./
14	RUN go mod download
15
16	COPY . .
17	# 移除 GOARCH 硬编码，让构建系统根据目标平台自动选择架构
18	RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /out/app

26	actions: read # Required for Claude to read CI results on PRs
27	steps:
28	- name: Checkout repository
29	uses: actions/checkout@v4
30	with:
31	fetch-depth: 1

16	runs-on: ubuntu-latest
17
18	steps:
19	- uses: actions/checkout@v4
20
21	- name: Set up Docker Buildx
22	uses: docker/setup-buildx-action@v3

33	- name: Run Claude Code Review
34	id: claude-review
35	uses: anthropics/claude-code-action@v1
36	with:
37	claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
38	plugin_marketplaces: 'https://github.com/anthropics/claude-code.git'

29	password: ${{ secrets.ALIYUN_REGISTRY_PASSWORD }}
30
31	- name: Build and push Docker image (AMD64)
32	uses: docker/build-push-action@v5
33	with:
34	context: .
35	file: ./Dockerfile

91	} >> $GITHUB_OUTPUT
92
93	- name: Create tag and release
94	uses: softprops/action-gh-release@v1
95	with:
96	tag_name: ${{ github.event.inputs.version }}
97	name: Release ${{ github.event.inputs.version }}

22	uses: docker/setup-buildx-action@v3
23
24	- name: Log in to Docker Hub
25	uses: docker/login-action@v3
26	with:
27	username: xpzouying
28	password: ${{ secrets.DOCKERHUB_TOKEN }}

42	echo "Version $VERSION is valid"
43
44	- name: Set up Go
45	uses: actions/setup-go@v4
46	with:
47	go-version: '1.24'

41	cache-to: type=gha,mode=max
42
43	- name: Build and push Docker image (ARM64)
44	uses: docker/build-push-action@v5
45	with:
46	context: .
47	file: ./Dockerfile.arm64

35	if: (github.event_name == 'push' && github.ref == 'refs/heads/main') \|\| (github.event_name == 'workflow_dispatch')
36
37	steps:
38	- uses: actions/checkout@v4
39	with:
40	fetch-depth: 0

110	continue-on-error: true
111
112	- name: Create Release
113	uses: softprops/action-gh-release@v1
114	with:
115	tag_name: ${{ steps.version.outputs.version }}
116	name: Release ${{ steps.version.outputs.version }}

175	except Exception:
176	pass
177	ws.close()
178	print("[chrome_launcher] Sent Browser.close via CDP.")
179	except Exception:
180	pass
181
182	# Wait briefly for Chrome to shut down
183	time.sleep(1)

40	os.environ.setdefault("PYTHONIOENCODING", "utf-8")
41	try:
42	sys.stdout.reconfigure(encoding="utf-8", errors="replace")
43	sys.stderr.reconfigure(encoding="utf-8", errors="replace")
44	except Exception:
45	pass
46
47	# Add scripts dir to path so sibling modules can be imported
48	SCRIPT_DIR = os.path.dirname(os.path.abspath(__file__))

22	uses: docker/setup-buildx-action@v3
23
24	- name: Log in to Aliyun Container Registry
25	uses: docker/login-action@v3
26	with:
27	registry: crpi-hocnvtkomt7w9v8t.cn-beijing.personal.cr.aliyuncs.com
28	username: ${{ secrets.ALIYUN_REGISTRY_USERNAME }}

32	- name: Run Claude Code
33	id: claude
34	uses: anthropics/claude-code-action@v1
35	with:
36	claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}

43	if os.path.exists(ACCOUNTS_FILE):
44	try:
45	with open(ACCOUNTS_FILE, "r", encoding="utf-8") as f:
46	return json.load(f)
47	except (json.JSONDecodeError, IOError):
48	pass
49	# Default structure
50	return {
51	"default_account": DEFAULT_PROFILE_NAME,

190	print("[chrome_launcher] Terminated tracked Chrome process.")
191	except Exception:
192	try:
193	_chrome_process.kill()
194	except Exception:
195	pass
196	_chrome_process = None
197
198	# Strategy 3: Windows taskkill by port (fallback)

192	# Optionally delete the profile directory
193	if delete_profile and profile_dir and os.path.isdir(profile_dir):
194	try:
195	shutil.rmtree(profile_dir)
196	except Exception:
197	pass
198
199	return True

113	else:
114	for f in self.downloaded_files:
115	try:
116	os.remove(f)
117	except OSError:
118	pass
119	print(f"[image_downloader] Cleaned up {len(self.downloaded_files)} files.")
120	self.downloaded_files.clear()

210	capture_output=True, timeout=5
211	)
212	print(f"[chrome_launcher] Killed process {pid} via taskkill.")
213	break
214	except Exception:
215	pass
216
217	# Wait for port to be released
218	deadline = time.time() + 5

171	ws = ws_client.connect(ws_url)
172	ws.send('{"id":1,"method":"Browser.close"}')
173	try:
174	ws.recv(timeout=2)
175	except Exception:
176	pass
177	ws.close()
178	print("[chrome_launcher] Sent Browser.close via CDP.")
179	except Exception:

421	el.MustEval(`() => {
422	try {
423	this.scrollIntoView({behavior: 'smooth', block: 'center'});
424	} catch (e) {}
425	}`)
426
427	sleepRandom(reactionTimeRange.min, reactionTimeRange.max)

github · xiaohongshu-mcpHEAD

medium (20)

low (10)

medium (22)

low (10)

LLM summary— xiaohongshu-mcp:HEAD

Signal scores

LLM judge panel

CVE check

Community trust

Scan details

MCP Server Information

Run this exact engine on your private repo — before users see it on /scan.

medium (20)

low (10)

medium (22)

low (10)

Severity breakdown