← 返回 Skills 市场
276
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install skill-xhs-mcp-service
功能描述
小红书(XHS/RED)自动化助手。完整的小红书操作能力,包含 MCP 服务端。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此技能。
安全使用建议
This skill appears to implement the stated Xiaohongshu automation features, but it ships with data/cookies.json that contains session tokens (access-token-*, id_token, web_session, etc.). Those are effectively credentials and let anyone running the skill act as that account. Before installing or running: 1) Do not run the service with the bundled cookies.json; inspect data/cookies.json and remove or replace it with your own cookies only after you understand the contents. 2) Prefer to run 'npm run login' yourself (the provided login.js opens a browser for QR login) to generate fresh cookies tied to your account, and then delete the included cookies file. 3) If the included cookies belong to you and you intentionally want to use them, rotate those session tokens/passwords after distributing code publicly. 4) Run the skill in an isolated environment (VM or container) if you must test it. 5) Review the code (browser.js, xhs-tools.js, ensure-service.js) for any additional endpoints or logging you don't expect; while no obvious exfiltration endpoints are present, the presence of embedded credentials is already a serious privacy/risk issue. If you don't control the account represented by the cookies, treat the package as unsafe and prefer a version that does not ship credentials.
功能分析
Type: OpenClaw Skill
Name: skill-xhs-mcp-service
Version: 1.1.0
The skill bundle provides comprehensive XiaoHongShu automation but contains a highly irregular 'data/cookies.json' file pre-populated with active session tokens (including 'access-token' and 'web_session'), which is a significant security risk and irregular for a skill distribution. Additionally, 'scripts/browser.js' initializes Puppeteer with high-risk flags such as '--disable-web-security' and '--no-sandbox', and 'scripts/ensure-service.js' uses 'child_process.exec' for process management. While these elements are functionally related to the skill's purpose, the inclusion of hardcoded session data and the reduction of browser security boundaries are characteristic of high-risk or poorly secured automation tools.
能力评估
Purpose & Capability
Name, description, and code (puppeteer-based browser automation + MCP server) are coherent for a Xiaohongshu automation skill. However, the package includes data/cookies.json with many cookie entries (including access-token-*, id_token, web_session, customer-sso-sid, etc.). Bundling live session cookies with the skill is not required by the stated purpose and is disproportionate — it effectively embeds credentials for an account into the distributed package.
Instruction Scope
SKILL.md tells users to run 'npm run login' to scan a QR and save cookies, and otherwise describes normal MCP usage. The runtime code (browser.js) automatically loads cookies.json if present without requiring explicit user action. The SKILL.md does not call out or warn that a prepopulated cookies.json exists; that mismatch creates a risk the skill will silently use embedded session cookies rather than requiring the user's own login.
Install Mechanism
There is no external download/install script; dependencies are standard (express, puppeteer, @modelcontextprotocol/sdk, qrcode, zod). No remote arbitrary URL downloads or obscure install channels are used. This is an instruction-and-code package that relies on npm for dependencies.
Credentials
The skill declares no required secrets/env vars (only XHS_PORT/XHS_HOST/XHS_PROXY), which is appropriate. However, the presence of baked-in cookies.json with session tokens is equivalent to shipping credentials in the package — this is disproportionate and inconsistent with 'no credentials required'. The skill will use those cookies automatically (via BrowserManager.loadCookies), giving anyone running it access as the embedded account. There is no mechanism in SKILL.md requiring users to inspect or remove those cookies prior to use.
Persistence & Privilege
The skill does not request elevated platform privileges or set always:true. It can spawn a detached node process to run the MCP service (ensure-service.js uses spawn with detached: true) which will run in background — normal for a service but means the process can persist after the invoking shell exits. The stop method uses a Windows taskkill command that could be imprecise on some systems. Autonomous invocation remains enabled (default) but is not combined with any other broad privileges in the package.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-xhs-mcp-service - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-xhs-mcp-service触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
v1.1.0: 重构为独立技能包,包含完整服务端代码,新增服务管理脚本
v1.0.0
Initial release of skill-xhs-mcp-service:
- Provides a complete set of automation tools for Xiaohongshu (RED/XHS) via local xhs-mcp-service.
- Supports login, feed retrieval, note search, liking, favoriting, commenting, profile access, and content publishing (text/image/video).
- Includes detailed deployment instructions and environment variable support.
- Notes on MCPorter usage and Windows limitations for array parameters.
- Highlights best practices and important usage restrictions (posting limits, login session, etc.).
元数据
常见问题
小红书 MCP 服务 是什么?
小红书(XHS/RED)自动化助手。完整的小红书操作能力,包含 MCP 服务端。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此技能。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 276 次。
如何安装 小红书 MCP 服务?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-xhs-mcp-service」即可一键安装,无需额外配置。
小红书 MCP 服务 是免费的吗?
是的,小红书 MCP 服务 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
小红书 MCP 服务 支持哪些平台?
小红书 MCP 服务 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 小红书 MCP 服务?
由 wezn(@weznai)开发并维护,当前版本 v1.1.0。
推荐 Skills