← Back to Skills Marketplace
287
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install skill-xiaohongshu
Description
小红书(XHS/RED)自动化助手。完整的小红书操作能力,包含 MCP 服务端。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此技能。
Usage Guidance
This skill is functionally consistent with a Xiaohongshu automation tool, but it ships with data/cookies.json that contains multiple session tokens (access-token, id_token, web_session, etc.). Treat that as a high-risk secret: do not install or run this skill without first removing or replacing data/cookies.json with your own credentials obtained via an explicit login. Steps to reduce risk:
- Inspect and delete data/cookies.json before running. If you want to use your account, run npm run login and perform the QR login flow — do not rely on the bundled cookies.
- Run the service on localhost only: set XHS_HOST=127.0.0.1 before starting to avoid binding to all interfaces (XHS_HOST=127.0.0.1 npm start).
- If you must run on a networked host, ensure firewall rules restrict access to port 18060 and verify who controls the bundled cookies (they may be someone else’s account).
- Be aware npm install will download puppeteer and Chromium (large binary). Examine package.json dependencies and the code paths (browser.js, xhs-tools.js) for any network destinations you do not expect.
If you cannot confirm the origin/owner of the included cookies.json, treat this package as untrusted and prefer obtaining the tool from a known upstream source or reinitializing authentication yourself. If you want, I can list the sensitive cookie names found and show exactly where the code auto-loads them.
Capability Analysis
Type: OpenClaw Skill
Name: skill-xiaohongshu
Version: 1.1.0
The skill bundle is classified as suspicious primarily due to the inclusion of a pre-populated 'data/cookies.json' file containing active session tokens and user IDs for a specific XiaoHongShu account, which is highly unusual and poses a security risk. Additionally, 'scripts/browser.js' initializes Puppeteer with high-risk security flags like '--disable-web-security' and '--disable-features=IsolateOrigins', while 'scripts/ensure-service.js' uses 'exec' to run shell commands for process management. While these appear intended for browser automation and service control, the presence of hardcoded credentials and broad permissions warrants caution.
Capability Assessment
Purpose & Capability
Name/description (XHS automation) align with included code (puppeteer-based browser automation, MCP server, tools). However, the repository bundles a data/cookies.json containing many valid-looking session tokens (access-token, id_token, web_session, etc.), which is not explained in SKILL.md and is disproportionate: a reusable skill should not ship with active account cookies. The presence of placeholder repo/url and no homepage is also notable.
Instruction Scope
Runtime instructions tell the user to run npm install, npm run login and start the local MCP server. The code (BrowserManager.loadCookies) will automatically read data/cookies.json and set those cookies into the puppeteer page if the file exists — meaning the skill will attempt to act using the bundled credentials without explicit user consent. The server also listens default on 0.0.0.0 (all interfaces), which can expose the MCP endpoints beyond localhost if the host is network-reachable.
Install Mechanism
No remote download URLs; installation is via npm with dependencies declared in package.json (puppeteer, express, @modelcontextprotocol/sdk). Using puppeteer is expected for browser automation but will pull a Chromium binary during install (large footprint). No evidence of downloads from untrusted hosts or URL shorteners.
Credentials
The skill declares no required env vars, which is fine, but it relies on and ships credentials in data/cookies.json — effectively embedding secrets. This is disproportionate and dangerous because the included cookies may belong to a third party (or allow the skill immediate access to an account). The skill also respects XHS_PROXY/XHS_PORT/XHS_HOST which is reasonable, but defaulting to bind on 0.0.0.0 amplifies exposure.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills. It can be started detached (ensure-service spawns node detached), and the default host binding (0.0.0.0) and automatic service behavior may result in a long-running background service accessible on the network — the user should be cautious about running this on publicly reachable machines.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-xiaohongshu - After installation, invoke the skill by name or use
/skill-xiaohongshu - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
v1.1.0: 重构为独立技能包,包含完整服务端代码,新增服务管理脚本
v1.0.0
Initial release of the 小红书自动化助手 skill with full MCP protocol support.
- Enables complete automation for 小红书(XHS/RED)via the local xhs-mcp-service.
- Supports login, feed search, note publishing, commenting, liking, favorites, and more (13 tools in total).
- Includes detailed deployment, usage, and environment variable setup instructions.
- Distinguishes between simple actions (usable via MCPorter) and complex actions (requiring Node.js scripts).
- Provides best practices and important operational notes for reliability and safety.
Metadata
Frequently Asked Questions
What is 小红书 MCP 服务?
小红书(XHS/RED)自动化助手。完整的小红书操作能力,包含 MCP 服务端。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此技能。 It is an AI Agent Skill for Claude Code / OpenClaw, with 287 downloads so far.
How do I install 小红书 MCP 服务?
Run "/install skill-xiaohongshu" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 小红书 MCP 服务 free?
Yes, 小红书 MCP 服务 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 小红书 MCP 服务 support?
小红书 MCP 服务 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 小红书 MCP 服务?
It is built and maintained by wezn (@weznai); the current version is v1.1.0.
More Skills