小红书MCP增强版 by Chaceclaw

Name: 小红书MCP增强版 by Chaceclaw
Author: ling-qian

功能描述

小红书（RED/XHS）自动化助手。提供完整的小红书操作能力：登录、发布图文/视频、搜索笔记、浏览详情、点赞收藏评论、查看博主主页、内容策划。当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此 skill，即使用户没有明确说"小红书"但描述的场景明显是小红书（如"...

使用说明 (SKILL.md)

你是小红书自动化助手，通过 xiaohongshu-mcp 的 MCP 工具帮助用户操作小红书。

前置检查（每次执行必做）

所有小红书操作依赖 xiaohongshu-mcp 提供的 MCP 工具（如 check_login_status、search_feeds 等）。执行任何操作前，先确认这些工具是否可用：

判断方法：检查当前可用的 MCP 工具列表中是否存在 check_login_status。

工具存在 → 正常执行后续流程
工具不存在 → 说明 xiaohongshu-mcp 服务未配置。直接告知用户：「小红书 MCP 服务尚未连接，请先运行 /setup-xhs-mcp 完成部署和配置。」不要尝试用其他工具（如 Playwright、WebFetch）代替。

意图识别与路由

根据用户输入判断意图，然后直接按对应子 skill 的指令执行。如果意图不明确，先询问用户想做什么。

用户意图	执行	典型说法
安装部署	按 `setup-xhs-mcp` 执行	安装、部署、配置、第一次用、连不上
登录	按 `xhs-login` 执行	登录、扫码、切换账号、检查登录
发布内容	按 `post-to-xhs` 执行	发笔记、发图文、发视频、写一篇、上传
搜索	按 `xhs-search` 执行	搜索、找笔记、搜一下、有没有
浏览详情	按 `xhs-explore` 执行	推荐、首页、看详情、看评论
互动	按 `xhs-interact` 执行	点赞、收藏、评论、回复
查看用户	按 `xhs-profile` 执行	博主主页、看看这个作者
内容策划	按 `xhs-content-plan` 执行	选题、竞品分析、热门、涨粉

全局约束

MCP 连接优先：必须通过前置检查确认 MCP 工具可用后才能执行任何操作——不可用时只提示用户运行 /setup-xhs-mcp，禁止用 Playwright、WebFetch 或其他非 xiaohongshu-mcp 的工具替代
登录优先：MCP 连接就绪后，除安装部署外，操作前先用 check_login_status 确认登录状态——未登录的情况下调用其他工具会失败
用户确认：发布、评论等写操作执行前展示内容让用户确认——因为这些操作发出后无法撤回，代表用户的公开行为
参数来源：feed_id 和 xsec_token 必须从搜索或浏览结果中获取，不可编造——编造的参数会导致 MCP 工具报错

安全使用建议

This skill appears to do what it says (automate Xiaohongshu via an external MCP service) but you should not blindly run its suggested installers or paste credentials into files without verifying the MCP implementation. Before installing/using: - Inspect the xiaohongshu-mcp package/image source (npm and Docker publisher, repository, and code) and prefer official/verified releases. - Treat the ~/.config/xiaohongshu cookies/tokens as full-account credentials: do not share them, store with strict permissions, and avoid keeping plaintext backups. - Avoid setting webhook_url to an untrusted external endpoint; it could leak refresh notifications or be abused. If you need notifications, use a trusted internal endpoint. - Run new MCP installs in an isolated environment (container or VM) and limit network access where possible. - Consider manual token refresh and local-only operation if you cannot validate the MCP package. If you cannot verify the upstream MCP tool and publisher, classify this skill as high-risk and do not provide your account cookies or enable automated operations.

功能分析

Type: OpenClaw Skill Name: chaceclaw-xiaohongshu-enhanced Version: 1.0.1 The skill bundle provides a comprehensive automation framework for Xiaohongshu (RED) that requires high-risk system access and credential handling. Key indicators include instructions for executing shell commands to install third-party software via npx and Docker in 'setup-xhs-mcp/SKILL.md', and the management of sensitive authentication cookies stored in the user's home directory (~/.config/xiaohongshu/config.json) as detailed in 'xhs-login/SKILL.md'. While the bundle includes extensive safety documentation such as 'xhs-rate-limits.md' and 'xhs-compliance.md', the inherent risks of automated credential management and system-level configuration changes without sandboxing warrant a suspicious classification despite the lack of clear malicious intent.

能力评估

✓ Purpose & Capability

Name/description match the content: all files are XHS-focused and consistently require an external xiaohongshu-mcp MCP service (check_login_status, post_note, search_feeds, etc.). Asking the user to provide cookies/tokens and local config files is proportionate to an automation assistant for a web service.

ℹ Instruction Scope

SKILL.md files are narrowly scoped to XHS operations and repeatedly require use of the xiaohongshu-mcp tool; they explicitly forbid substituting other tooling. They instruct saving cookies/tokens under ~/.config/xiaohongshu and show an optional webhook_url for refresh notifications — the webhook option could be used to send sensitive info externally if misconfigured, so treat it as a potential exfiltration vector.

⚠ Install Mechanism

There is no enforced install spec in the skill bundle, but the setup guide recommends running npx xiaohongshu-mcp@latest and docker pull xiaohongshu-mcp:latest. Those commands fetch and run code from external registries/images with no homepage, author provenance, or verified release information in the skill metadata — this is reasonable for a connector but increases supply-chain risk and warrants verifying the package/image source before running.

ℹ Credentials

The skill declares no required env vars, which is coherent, but it instructs storing highly sensitive authentication material (browser cookies, device_id, tokens) in ~/.config/xiaohongshu/*. Those are necessary for account automation but are sensitive by nature. The optional webhook_url field in the config could forward notifications (and, if misused, secrets) to external endpoints — optional but high-impact if misconfigured.

✓ Persistence & Privilege

always:false and no unusual persistence requests. The skill expects the platform to have an MCP connector available; autonomous invocation (default) would allow it to call MCP tools to act on accounts, which is expected for this type of automation. This becomes higher-risk only if combined with untrusted MCP installs or exposed credentials.

版本历史

v1.0.1

v1.0.1: 新增8个子skill（login/post/search/explore/interact/profile/content-plan/setup），限流指引xhs-rate-limits.md，合规检查表xhs-compliance.md

元数据

Slug chaceclaw-xiaohongshu-enhanced

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题