limoxt

XHS Image Gen

by limoxt · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Downloads: 411
Stars: 0
Active Installs: 1
Versions: 1
Install in OpenClaw
/install xhs-image-gen
Description
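A skill for creating Xiaohongshu (小红书) note material. Use this skill when the user needs to create material for a Xiaohongshu note. The skill covers: writing the note content (title + body) from the user's requirements and supplied material, generating image cards (cover + body cards), and publishing the note to Xiaohongshu. It supports 8 polished layout themes and 4 smart pagination modes.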
Usage Guidance
This package appears to be what it says (render image cards + optional publish to 小红书) but there are transparency issues you should address before installing:
  1. The registry claims no env vars or binaries, yet the repo contains Python/Node scripts, requirements.txt, package.json and instructions to install Playwright/Chromium. Expect heavy downloads and follow the README.
  2. Publishing requires XHS_COOKIE (a full browser session cookie). That cookie grants access to your account; do not paste it into third-party tools or share it. Inspect scripts/publish_xhs.py (and any --api-mode behavior) to confirm where data and credentials are sent before using publish.
  3. Prefer running rendering locally (render_xhs.py) and avoid the publish step unless you trust the code; consider running in an isolated VM/container.
  4. If you plan to install, review publish_xhs.py for network endpoints and credential handling, and consider rotating cookies/credentials after testing.
If you want, provide the publish_xhs.py source and I can point out exactly what endpoints it calls and whether it sends cookies/contents off-device.
Capability Analysis
Type: OpenClaw Skill
Name: xhs-image-gen
Version: 1.0.0
The skill bundle contains several high-risk vulnerabilities that could be exploited via prompt injection. Specifically, the rendering scripts (scripts/render_xhs.py and scripts/render_xhs.js) use Playwright to render HTML generated from Markdown without explicit sanitization, and render_xhs.py explicitly supports the 'file://' protocol for the --avatar parameter. This creates a risk of Local File Inclusion (LFI) or SSRF, where an attacker could trick the agent into rendering sensitive local files (e.g., .env, SSH keys) into the generated images. Additionally, render-rex.sh contains hardcoded absolute paths to a specific local user directory (/Users/mo), which is a security oversight.
Capability Assessment
Purpose & Capability
The skill's name/description (create XHS notes, render image cards, optionally publish) align with the included files (render and publish scripts, templates, themes). However the registry metadata claims 'instruction-only' with no required env vars or binaries, while the bundle actually contains Python/Node scripts, requirements.txt, package.json, and Playwright usage described in README—so the declared requirements do not match what the skill actually contains.
Instruction Scope
SKILL.md gives a narrow runtime scope: produce markdown, run render scripts to generate PNGs, and optionally run publish_xhs.py to post. That is coherent with the stated purpose. The instructions do require the user to obtain and place a full browser cookie (XHS_COOKIE) into .env for publishing; this is sensitive but relevant to the publishing function. The README also mentions an --api-mode / xhs-api option (possible external service) — you should inspect publish_xhs.py to confirm whether data or credentials may be sent to third-party endpoints.
Install Mechanism
Registry shows no install spec, but README and project files indicate real dependency installation is required: pip install -r requirements.txt, Node/npm installs, and Playwright which downloads Chromium. Playwright will pull large browser binaries. Because the registry did not declare these requirements and no automated install spec is provided, an operator might not expect these downloads or native binaries—this mismatch increases risk and friction.
Credentials
The registry metadata lists no required env vars, but SKILL.md and README explicitly require an XHS_COOKIE in .env to publish. Requesting a platform session cookie is proportionate to a publish operation, but the omission from declared requires.env is a significant transparency gap. Treat XHS_COOKIE as highly sensitive (gives account access) and only provide it after verifying the publish code and trustworthiness.
Persistence & Privilege
The skill does not request always:true and does not declare system-wide config changes. It will run scripts and (if you follow README) Playwright will download Chromium into the environment—this is not a platform privilege escalation, but it does add a sizable binary to the runtime environment. No evidence the skill modifies other skills or global agent config.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install xhs-image-gen
  3. After installation, invoke the skill by name or use /xhs-image-gen
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial publish
Metadata
Slug xhs-image-gen
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is XHS Image Gen?

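A skill for creating Xiaohongshu (小红书) note material. Use this skill when the user needs to create material for a Xiaohongshu note. The skill covers: writing the note content (title + body) from the user's requirements and supplied material, generating image cards (cover + body cards), and publishing the note to Xiaohongshu. It supports 8 polished layout themes and 4 smart pagination modes. It is an AI Agent Skill for Claude Code / OpenClaw, with 411 downloads so far.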

How do I install XHS Image Gen?

Run "/install xhs-image-gen" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is XHS Image Gen free?

Yes, XHS Image Gen is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does XHS Image Gen support?

XHS Image Gen is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created XHS Image Gen?

It is built and maintained by limoxt (@limoxt); the current version is v1.0.0.
