Xhs Downloader

JoeanAmier/XHS-DownloaderGPL-3.0โญ 10,344๐Ÿ”ง 0 tools

F6.2SpiderScore (registry)
โš  Hard constraint applied: multiple critical issues forces F
Decision
Allow with Risk
Confidence
90%

Xhs Downloader has risks โ€” usable with isolation (6.16/10, 3 critical, 0 high).

Recommended Actions

  • high
    Run In Container
    3 critical vulnerabilities require isolation
  • high
    Limit Permissions
    Restrict tool access to minimum required scope

Do Not

  • โœ—running in production without container isolation
  • โœ—exposing this tool to untrusted input
Risk Flags (2)
  • critical
    command_injection
    Command injection risk รขโ‚ฌโ€ subprocess called with shell=True and non-literal command
  • critical
    sql_injectionร—2
    SQL injection รขโ‚ฌโ€ .execute() called with f-string (user input may reach query)
How This Was Decided
  • positivew=0.5Overall quality score = 6.16/10 (grade F)
  • negativew=0.83 critical security issue(s) detected
  • positivew=0.3Tool description clarity score = 5.0/10
Source: SpiderRating automated security scanUpdated: 2026-03-13Protocol: v1.1

Description Quality

Composite: 5.0 / 10

3-Layer Breakdown

Description (38%)
5.0
Security (34%)
5.0
Metadata (28%)
9.1

Description Dimensions

Intent Clarity
5.0
Permission Scope
5.0
Side Effects
5.0
Capability Disclosure
5.0
Operational Boundaries
5.0

Category Ranking: Databases

#28 of 160 ยท Top 18%
Overall#286.2 (avg 4.3)
Security5.0 (avg 7.7)
Description#415.0 (avg 3.9)
Metadata#99.1 (avg 6.1)

Why #28 in Databases?

Top 18% of 160 tools
Security
5.0avg 7.7
Description#41
5.0avg 3.9
Metadata#9
9.1avg 6.1

How to reach #27? Need +0.0 overall to pass Sql Injection Testing (6.2). Biggest opportunity: Security is 2.6 below category average.

Top action: Fix 3 critical security issue(s) โ€” use parameterized queries, avoid eval/exec (+0.2)

Security Analysis

5.0
Score
3
Critical
0
High
0
Medium
0
Low

Findings Redacted

Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.

3 CRITICAL

Metadata Health

Provenance (40%)
9.0
Maintenance (35%)
9.0
Popularity (25%)
9.4

Badge

Add this badge to your README:

[![SpiderRating](https://spiderrating.com/badge/JoeanAmier__XHS-Downloader.svg)](https://spiderrating.com/servers/JoeanAmier/XHS-Downloader)
๐Ÿ›ก๏ธ

Protect Your Agents

Get a free API key. Every MCP tool call checked against 15,923 rated servers in real-time.

Get Free API Key โ†’
๐Ÿ“Š

Monitor All Your Servers

Dashboard for your entire MCP portfolio. Score tracking, alerts, and compliance reports.

Start Free Trial โ†’
โญ

Scan Locally (Open Source)

Run SpiderShield on your own machine. 46+ security rules, zero data leaves your system.

Star on GitHub โ†’

Similar Servers

Nexus Text To Sqlcyberforexblockchain/nexus-text-to-sql
6.1C
Sql Injection Testingbrandonwise/sql-injection-testing
6.2C
Alicloud Database Analyticdb Mysqlcinience/alicloud-database-analyticdb-mysql
6.1C
Lybic Sandboxaenjoy/lybic-sandbox
6.1C
Xiyan Mcp ServerXGenerationLab/xiyan_mcp_server
6.3C