← Back to Skills Marketplace
154
Downloads
1
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-xiaohongshu-mcp
Description
本地小红书 MCP 工作流技能,支持搜索笔记、读取详情与评论、发表评论与回复、发布图文/视频,并附带可直接复用的 Bash 脚本与发布模板。用户提到“小红书、xiaohongshu、小红书MCP、搜小红书、查小红书、发小红书、发布笔记、小红书评论、小红书详情、笔记发布、内容运营、RedNote”时使用。优先通过...
Usage Guidance
Before installing or running this skill: 1) Verify and trust the Docker image xpzouying/xiaohongshu-mcp before running docker-compose (check publisher, image tags, and upstream source); pulling unknown container images can run arbitrary code. 2) Avoid mounting sensitive host files into the container unless you trust the image—cookies.json, Chrome profile, and /root/.pki contain credentials and keys. Consider running the container in an isolated VM or with minimal volumes. 3) Ensure you install mcporter and python3 from trusted sources; the scripts rely on them though they are not declared as required in the registry metadata. 4) When providing content/payload JSON or comment text, test using the '仅自己可见' (private) visibility first; note that the scripts insert user text into JSON without escaping, so special characters may break payloads. 5) If you need higher assurance, inspect the upstream project/repository for the Docker image and review container Dockerfile and maintainer reputation, or run the MCP service code in a sandbox before mounting real browser/profile data.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-xiaohongshu-mcp
Version: 1.0.1
The skill bundle contains several shell scripts (e.g., xhs-comment.sh, xhs-detail.sh, and xhs-pick-detail.sh) that construct JSON payloads for the mcporter CLI using unsanitized string interpolation via printf. This creates a vulnerability where malicious or malformed input could lead to argument injection or broken JSON structures. While the behavior is aligned with the stated purpose of Xiaohongshu automation, the lack of input sanitization in scripts intended for AI execution poses a risk.
Capability Assessment
Purpose & Capability
The name/description match the included scripts and templates: search, read details/comments, post comments, and publish content via a local MCP service. The SKILL.md and scripts consistently call a local mcporter-based MCP endpoint. Minor inconsistency: the skill uses mcporter and python3 (and references docker/docker-compose) but the registry metadata lists no required binaries — the runtime dependencies are described in SKILL.md but not declared in the skill metadata.
Instruction Scope
Instructions and scripts operate against a local MCP endpoint (mcporter calls to localhost) and local files/templates. They require user-supplied feed_id/xsec_token or payload JSON and do not contact external endpoints directly from the scripts. The workflows and example commands are narrowly scoped to the stated MCP operations.
Install Mechanism
There is no install spec for the skill itself, but the repository includes a docker-compose file that will pull the image xpzouying/xiaohongshu-mcp from an external registry. Pulling and running an unverified container image is a meaningful risk (arbitrary code execution inside the container). The compose file also maps host paths into the container, increasing impact if the image is malicious or compromised. The skill does not provide provenance or verification for that image.
Credentials
The skill declares no required env vars, which matches the metadata, but the docker-compose and setup instructions recommend mounting sensitive host data (cookies.json, Chrome profile, .pki, user-data). Those mounts are plausibly required to preserve login state for automated posting, but they grant the container access to potentially sensitive credentials and browser data. Users should treat those mounts as high-risk and only use trusted images and isolate them appropriately. Also, scripts inject user-supplied content into JSON via printf/cat without escaping — malformed or specially crafted content could break payloads (not necessarily exfiltration but a robustness/injection concern).
Persistence & Privilege
The skill does not request always: true, does not modify other skills, and does not persist changes to global agent config. It does include Docker persistence recommendations for login state, which are scoped to the MCP container and not the agent platform itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-xiaohongshu-mcp - After installation, invoke the skill by name or use
/openclaw-xiaohongshu-mcp - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Polish store-facing description and README; improve trigger wording and product presentation.
v1.0.0
Initial public release: local Xiaohongshu MCP skill with helper scripts, templates, and relative-path packaging.
Metadata
Frequently Asked Questions
What is OpenClaw Xiaohongshu MCP?
本地小红书 MCP 工作流技能,支持搜索笔记、读取详情与评论、发表评论与回复、发布图文/视频,并附带可直接复用的 Bash 脚本与发布模板。用户提到“小红书、xiaohongshu、小红书MCP、搜小红书、查小红书、发小红书、发布笔记、小红书评论、小红书详情、笔记发布、内容运营、RedNote”时使用。优先通过... It is an AI Agent Skill for Claude Code / OpenClaw, with 154 downloads so far.
How do I install OpenClaw Xiaohongshu MCP?
Run "/install openclaw-xiaohongshu-mcp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Xiaohongshu MCP free?
Yes, OpenClaw Xiaohongshu MCP is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw Xiaohongshu MCP support?
OpenClaw Xiaohongshu MCP is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Xiaohongshu MCP?
It is built and maintained by xiaopeng (@xiaomilizhipeng); the current version is v1.0.1.
More Skills