← Back to Skills Marketplace
ling-qian

小红书MCP增强版 by Chaceclaw

by Chace · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
84
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install chaceclaw-xiaohongshu-enhanced
Description
小红书(RED/XHS)自动化助手。提供完整的小红书操作能力:登录、发布图文/视频、搜索笔记、浏览详情、点赞收藏评论、查看博主主页、内容策划。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此 skill,即使用户没有明确说"小红书"但描述的场景明显是小红书(如"...
README (SKILL.md)

你是小红书自动化助手,通过 xiaohongshu-mcp 的 MCP 工具帮助用户操作小红书。

前置检查(每次执行必做)

所有小红书操作依赖 xiaohongshu-mcp 提供的 MCP 工具(如 check_login_statussearch_feeds 等)。执行任何操作前,先确认这些工具是否可用:

判断方法:检查当前可用的 MCP 工具列表中是否存在 check_login_status

  • 工具存在 → 正常执行后续流程
  • 工具不存在 → 说明 xiaohongshu-mcp 服务未配置。直接告知用户:「小红书 MCP 服务尚未连接,请先运行 /setup-xhs-mcp 完成部署和配置。」不要尝试用其他工具(如 Playwright、WebFetch)代替。

意图识别与路由

根据用户输入判断意图,然后直接按对应子 skill 的指令执行。如果意图不明确,先询问用户想做什么。

用户意图 执行 典型说法
安装部署 setup-xhs-mcp 执行 安装、部署、配置、第一次用、连不上
登录 xhs-login 执行 登录、扫码、切换账号、检查登录
发布内容 post-to-xhs 执行 发笔记、发图文、发视频、写一篇、上传
搜索 xhs-search 执行 搜索、找笔记、搜一下、有没有
浏览详情 xhs-explore 执行 推荐、首页、看详情、看评论
互动 xhs-interact 执行 点赞、收藏、评论、回复
查看用户 xhs-profile 执行 博主主页、看看这个作者
内容策划 xhs-content-plan 执行 选题、竞品分析、热门、涨粉

全局约束

  1. MCP 连接优先:必须通过前置检查确认 MCP 工具可用后才能执行任何操作——不可用时只提示用户运行 /setup-xhs-mcp,禁止用 Playwright、WebFetch 或其他非 xiaohongshu-mcp 的工具替代
  2. 登录优先:MCP 连接就绪后,除安装部署外,操作前先用 check_login_status 确认登录状态——未登录的情况下调用其他工具会失败
  3. 用户确认:发布、评论等写操作执行前展示内容让用户确认——因为这些操作发出后无法撤回,代表用户的公开行为
  4. 参数来源feed_idxsec_token 必须从搜索或浏览结果中获取,不可编造——编造的参数会导致 MCP 工具报错
Usage Guidance
This skill appears to do what it says (automate Xiaohongshu via an external MCP service) but you should not blindly run its suggested installers or paste credentials into files without verifying the MCP implementation. Before installing/using: - Inspect the xiaohongshu-mcp package/image source (npm and Docker publisher, repository, and code) and prefer official/verified releases. - Treat the ~/.config/xiaohongshu cookies/tokens as full-account credentials: do not share them, store with strict permissions, and avoid keeping plaintext backups. - Avoid setting webhook_url to an untrusted external endpoint; it could leak refresh notifications or be abused. If you need notifications, use a trusted internal endpoint. - Run new MCP installs in an isolated environment (container or VM) and limit network access where possible. - Consider manual token refresh and local-only operation if you cannot validate the MCP package. If you cannot verify the upstream MCP tool and publisher, classify this skill as high-risk and do not provide your account cookies or enable automated operations.
Capability Analysis
Type: OpenClaw Skill Name: chaceclaw-xiaohongshu-enhanced Version: 1.0.1 The skill bundle provides a comprehensive automation framework for Xiaohongshu (RED) that requires high-risk system access and credential handling. Key indicators include instructions for executing shell commands to install third-party software via npx and Docker in 'setup-xhs-mcp/SKILL.md', and the management of sensitive authentication cookies stored in the user's home directory (~/.config/xiaohongshu/config.json) as detailed in 'xhs-login/SKILL.md'. While the bundle includes extensive safety documentation such as 'xhs-rate-limits.md' and 'xhs-compliance.md', the inherent risks of automated credential management and system-level configuration changes without sandboxing warrant a suspicious classification despite the lack of clear malicious intent.
Capability Assessment
Purpose & Capability
Name/description match the content: all files are XHS-focused and consistently require an external xiaohongshu-mcp MCP service (check_login_status, post_note, search_feeds, etc.). Asking the user to provide cookies/tokens and local config files is proportionate to an automation assistant for a web service.
Instruction Scope
SKILL.md files are narrowly scoped to XHS operations and repeatedly require use of the xiaohongshu-mcp tool; they explicitly forbid substituting other tooling. They instruct saving cookies/tokens under ~/.config/xiaohongshu and show an optional webhook_url for refresh notifications — the webhook option could be used to send sensitive info externally if misconfigured, so treat it as a potential exfiltration vector.
Install Mechanism
There is no enforced install spec in the skill bundle, but the setup guide recommends running npx xiaohongshu-mcp@latest and docker pull xiaohongshu-mcp:latest. Those commands fetch and run code from external registries/images with no homepage, author provenance, or verified release information in the skill metadata — this is reasonable for a connector but increases supply-chain risk and warrants verifying the package/image source before running.
Credentials
The skill declares no required env vars, which is coherent, but it instructs storing highly sensitive authentication material (browser cookies, device_id, tokens) in ~/.config/xiaohongshu/*. Those are necessary for account automation but are sensitive by nature. The optional webhook_url field in the config could forward notifications (and, if misused, secrets) to external endpoints — optional but high-impact if misconfigured.
Persistence & Privilege
always:false and no unusual persistence requests. The skill expects the platform to have an MCP connector available; autonomous invocation (default) would allow it to call MCP tools to act on accounts, which is expected for this type of automation. This becomes higher-risk only if combined with untrusted MCP installs or exposed credentials.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install chaceclaw-xiaohongshu-enhanced
  3. After installation, invoke the skill by name or use /chaceclaw-xiaohongshu-enhanced
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
v1.0.1: 新增8个子skill(login/post/search/explore/interact/profile/content-plan/setup),限流指引xhs-rate-limits.md,合规检查表xhs-compliance.md
Metadata
Slug chaceclaw-xiaohongshu-enhanced
Version 1.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is 小红书MCP增强版 by Chaceclaw?

小红书(RED/XHS)自动化助手。提供完整的小红书操作能力:登录、发布图文/视频、搜索笔记、浏览详情、点赞收藏评论、查看博主主页、内容策划。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此 skill,即使用户没有明确说"小红书"但描述的场景明显是小红书(如"... It is an AI Agent Skill for Claude Code / OpenClaw, with 84 downloads so far.

How do I install 小红书MCP增强版 by Chaceclaw?

Run "/install chaceclaw-xiaohongshu-enhanced" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 小红书MCP增强版 by Chaceclaw free?

Yes, 小红书MCP增强版 by Chaceclaw is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 小红书MCP增强版 by Chaceclaw support?

小红书MCP增强版 by Chaceclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 小红书MCP增强版 by Chaceclaw?

It is built and maintained by Chace (@ling-qian); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments