← Back to Skills Marketplace
186
Downloads
2
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install xiaohongshu-aio
Description
小红书MCP服务下载、启动、重启、检测,小红书多账号管理、登录、状态检查、内容发布、小红书笔记和视频发布、点赞评论操作和用户信息查询等需要调用本技能。当用户需要从小红书获取笔记和视频数据、用户数据、发布笔记或视频时需要调用本技能。
Usage Guidance
This skill appears to do what it says: manage Xiaohongshu accounts via a local MCP server. Before installing, consider the following:
- The MCP manager downloads release assets from GitHub and extracts/executables them in your working directory without checksum or signature verification. Only proceed if you trust the repository and release artifacts; inspect the binaries or run in an isolated environment (container or VM).
- The skill stores account cookies in user_cookies.json and writes cookies.json into the MCP server directory when switching accounts. Treat these files as sensitive (they can be used to impersonate accounts) and protect them with filesystem permissions or store them in a secure location.
- The code spawns system commands (lsof, pgrep, netstat, subprocesses) and runs the MCP binary. Ensure you understand and accept these host-level operations on any machine where you run the skill.
- The declared dependency on the 'uv' CLI appears only in documentation/installation steps; confirm you want to install/use that tool and where it will fetch packages from.
If you need higher assurance, request the upstream GitHub repository/author for signed releases or run the skill in an isolated environment and review the downloaded binaries before execution.
Capability Analysis
Type: OpenClaw Skill
Name: xiaohongshu-aio
Version: 0.1.6
The skill bundle contains functionality in `mcp_service.py` to automatically download, extract, and execute binary files from a remote GitHub repository (xpzouying/xiaohongshu-mcp). While this behavior is aligned with the stated purpose of managing an MCP server, the 'download and execute' pattern is a high-risk capability that bypasses standard package management and executes unverified external code. Additionally, the tool manages sensitive authentication cookies in `account.py` and `user_cookies.json`, which could be targeted if the external binaries or the repository were compromised.
Capability Assessment
Purpose & Capability
Name, README, SKILL.md and included Python modules implement Xiaohongshu MCP client functionality (account mgmt, login, publish, feed, MCP server management). Required env var XHS_MCP_BASE_URL and binaries (python, uv) match documented usage (the CLI uses 'uv' commands in docs).
Instruction Scope
SKILL.md directs local operations against an MCP server (start/stop/status/download), account cookie read/write, and HTTP calls to the MCP API. It does not request unrelated host files or additional credentials beyond the MCP base URL. The instructions explicitly tell the agent to run local commands and manage cookies, which aligns with purpose.
Install Mechanism
No formal install spec in registry, but the package contains Python code and an MCP manager that fetches release assets from GitHub (api.github.com + asset browser_download_url), downloads archives, extracts them into the working directory and sets executable bits. This is expected for installing server binaries, but the code performs extraction and makes binaries executable without checksum/signature verification — a moderate operational risk that a user should review.
Credentials
Declared environment variables (XHS_MCP_BASE_URL, fallback XHS_BASE_URL, XHS_TIMEOUT, XHS_VERIFY_SSL) are relevant to contacting the MCP server. No unrelated secrets or extra service credentials are requested. Note: the registry marks XHS_MCP_BASE_URL as the "primary credential" even though it's a URL, not a secret key.
Persistence & Privilege
Skill writes local files (user_cookies.json, writes cookies.json into the MCP server directory when switching accounts) and may download and execute MCP binaries. always:false and no cross-skill modifications. These behaviors are coherent with the purpose but grant the skill ability to persist sensitive cookies locally and to run downloaded binaries — consider isolation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install xiaohongshu-aio - After installation, invoke the skill by name or use
/xiaohongshu-aio - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.6
- Added built-in MCP 服务器下载、启动、停止、重启和状态检测命令,简化环境依赖管理
- 删除 check-service.sh、download_mcp.sh 等 shell 工具,相关功能集成到 CLI
- 新增 mcp_service.py,统一管理服务器相关流程和命令接口
- 优化并统一命令结构:所有服务器操作均可用 `xhs mcp ...` 命令完成
- 文档全面更新,明确强调“一体化”管理与全流程自动化体验
- 其他细节修正和结构调整,提升技能易用性
v0.1.0
xiaohongshu-aio v0.1.0 — 小红书 MCP 客户端技能首发
- 新增账号管理:支持添加、删除、列出、切换、导入账号与切换账号 cookies
- 集成登录流程:包含登录状态检查、二维码扫码登录和登出
- 支持内容发布:可发布图文、视频内容,支持标签参数
- 提供 Feed 管理和内容搜索、详情获取功能
- 支持互动操作:点赞、收藏、发表评论
- 查询当前及其他用户信息
- 依赖小红书 MCP 服务器、httpx、typer、pydantic、rich
- 提供详细说明文档和常见问题排查指南
Metadata
Frequently Asked Questions
What is 小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速?
小红书MCP服务下载、启动、重启、检测,小红书多账号管理、登录、状态检查、内容发布、小红书笔记和视频发布、点赞评论操作和用户信息查询等需要调用本技能。当用户需要从小红书获取笔记和视频数据、用户数据、发布笔记或视频时需要调用本技能。 It is an AI Agent Skill for Claude Code / OpenClaw, with 186 downloads so far.
How do I install 小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速?
Run "/install xiaohongshu-aio" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速 free?
Yes, 小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速 support?
小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 小红书操作全集 Xiaohongshu All In One 基于api接口稳定快速?
It is built and maintained by CN-P5 (@cn-p5); the current version is v0.1.6.
More Skills