white0dew

xiaohongshuskills

by 青玉白露 · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
Downloads: 843
Stars: 1
Active Installs: 21
Versions: 1
Install in OpenClaw
/install xiaohongshuskills
Description
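Automatically publishes image-text and video content to Xiaohongshu (XHS). Supports three kinds of tasks: publishing image-text posts, publishing videos, and only launching a test browser (without publishing).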
Usage Guidance
Plain-language checklist before installing or running this skill:
- Review and run the code in an isolated environment first (VM or throwaway account) — these scripts will execute on your machine.
- Chrome is required but not declared: ensure you install Chrome and run the tool with a dedicated Chrome profile (do NOT point it at your primary browser profile). The tool creates/manages user-data-dirs and can delete them when asked (remove-account --delete-profile).
- The skill reads/writes local files (config/, tmp/) and stores login/cache info; expect persistent session data on disk.
- The tool can download arbitrary media URLs and will save them in a temp directory — only provide trusted URLs.
- Be careful with remote CDP (--host not localhost): connecting to an untrusted remote Chrome instance or allowing remote CDP access may expose sensitive data (cookies, pages). Avoid remote mode unless you control the remote machine.
- The SKILL.md says human confirmation is required before publishing, but the code supports --auto-publish which bypasses confirmation. If you allow autonomous agent invocation, ensure the agent is not permitted to call publish commands with --auto-publish.
- If you need to use this: create a dedicated OS user or Chrome profile for testing, back up any important Chrome profiles, and run the scripts manually once to observe behavior before granting agent-level invocation.
- If you are not comfortable auditing Python code, do not install it with elevated trust; prefer manual use only (run CLI yourself) rather than giving the skill autonomous privileges.
Capability Analysis
Type: OpenClaw Skill
Name: xiaohongshuskills
Version: 0.1.0
The skill bundle is classified as suspicious due to its extensive use of Chrome DevTools Protocol (CDP) for browser automation, including the powerful `Runtime.evaluate` command for arbitrary JavaScript execution and `DOM.setFileInputFiles` for local file uploads. While user input for these commands is consistently JSON-escaped (`json.dumps`) to mitigate direct prompt/JS injection, the inherent power and complexity of CDP interactions present a significant attack surface. Additionally, `account_manager.py` uses `shutil.rmtree` to delete Chrome profile directories, a powerful capability that, if exploited through path manipulation (though currently mitigated by safe path construction), could lead to data loss. There is no evidence of intentional malicious behavior such as data exfiltration or unauthorized remote control, and the `SKILL.md` explicitly mandates user confirmation before publishing, which is a strong mitigating control against prompt injection leading to unauthorized actions.
Capability Assessment
Purpose & Capability
The name/description (auto-post to Xiaohongshu) aligns with the included modules: Chrome launcher, CDP publisher, account manager, feed explorer, image downloader, and publish pipeline. The only mild mismatch: the registry metadata lists no required binaries, but the SKILL.md and README explicitly require Google Chrome and Python 3.10+. Overall the requested files and operations are consistent with the stated purpose.
Instruction Scope
Runtime instructions and code perform browser automation via Chrome DevTools Protocol, manipulate Chrome user-data-dirs (profiles), read/write local config and cache (accounts.json, login_status_cache.json), download arbitrary media URLs, and scrape page state (window.__INITIAL_STATE__). These are all within 'publishing/search' functionality, but they also provide the ability to inspect notifications, retrieve mentions, and post comments. Notably: (1) the skill can access and modify browser profiles (cookies/session state) and can delete profile directories; (2) it supports remote CDP host/port connections (connect to arbitrary remote Chrome instances); (3) image/video downloader will fetch arbitrary URLs with custom Referer headers. All of these increase the attack surface and sensitivity of what the skill can read/modify.
Install Mechanism
This is instruction + included Python code (no install spec). A minimal requirements.txt (requests, websockets) is provided. No external download URL or archive-extract steps are present in the manifest. Risk from install mechanism is low, but executing the shipped scripts will run arbitrary Python code on the host, so users should review the source before running.
Credentials
The skill declares no required environment variables or primary credential, which matches the manifest. However, it relies on environment/state implicitly: LOCALAPPDATA or home directory for Chrome profile paths, filesystem access to create/delete profile dirs and temp files, network access to download media and to reach Xiaohongshu and optional remote CDP hosts, and ability to open/listen to TCP ports. These are plausible needs for the task, but they are sensitive (access to browser cookies/session via profiles and CDP).
Persistence & Privilege
always:false (good). The skill persists data locally (config/accounts.json, profile directories, tmp/login_status_cache.json, temporary downloaded media). This is expected for multi-account publishing, but there is an operational risk: the tool supports a --auto-publish flag (bypass confirmation) and the agent platform allows autonomous invocation by default — combined, that can let the agent publish posts without an explicit human confirmation if invoked with that flag. The skill can also connect to remote CDP endpoints (which could be an untrusted remote Chrome) — a privilege to be used with caution.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install xiaohongshuskills
  3. After installation, invoke the skill by name or use /xiaohongshuskills
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
RedBookSkills v0.1.0 — Initial Release
- Automates publishing of text-image and video content to Xiaohongshu (XHS), plus testing browser control.
- Supports three tasks: publish text-image, publish video, or start/test browser without publishing.
- Includes interactive input validation, requiring user confirmation before posting.
- Handles content search, detail retrieval, commenting, notification mentions, and content metrics.
- Provides command examples and strict publishing constraints (e.g., title length, image/video exclusivity, headless mode default).
- Adds multi-account switching and robust error handling with user-friendly prompts.
Metadata
Slug xiaohongshuskills
Version 0.1.0
License
All-time Installs 22
Active Installs 21
Total Versions 1
Frequently Asked Questions

What is xiaohongshuskills?

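Automatically publishes image-text and video content to Xiaohongshu (XHS). Supports three kinds of tasks: publishing image-text posts, publishing videos, and only launching a test browser (without publishing). It is an AI Agent Skill for Claude Code / OpenClaw, with 843 downloads so far.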

How do I install xiaohongshuskills?

Run "/install xiaohongshuskills" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is xiaohongshuskills free?

Yes, xiaohongshuskills is completely free (open-source). You can download, install and use it at no cost.

Which platforms does xiaohongshuskills support?

xiaohongshuskills is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created xiaohongshuskills?

It is built and maintained by 青玉白露 (@white0dew); the current version is v0.1.0.
