← 返回 Skills 市场
287
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install skill-xiaohongshu
功能描述
小红书(XHS/RED)自动化助手。完整的小红书操作能力,包含 MCP 服务端。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此技能。
安全使用建议
This skill is functionally consistent with a Xiaohongshu automation tool, but it ships with data/cookies.json that contains multiple session tokens (access-token, id_token, web_session, etc.). Treat that as a high-risk secret: do not install or run this skill without first removing or replacing data/cookies.json with your own credentials obtained via an explicit login. Steps to reduce risk:
- Inspect and delete data/cookies.json before running. If you want to use your account, run npm run login and perform the QR login flow — do not rely on the bundled cookies.
- Run the service on localhost only: set XHS_HOST=127.0.0.1 before starting to avoid binding to all interfaces (XHS_HOST=127.0.0.1 npm start).
- If you must run on a networked host, ensure firewall rules restrict access to port 18060 and verify who controls the bundled cookies (they may be someone else’s account).
- Be aware npm install will download puppeteer and Chromium (large binary). Examine package.json dependencies and the code paths (browser.js, xhs-tools.js) for any network destinations you do not expect.
If you cannot confirm the origin/owner of the included cookies.json, treat this package as untrusted and prefer obtaining the tool from a known upstream source or reinitializing authentication yourself. If you want, I can list the sensitive cookie names found and show exactly where the code auto-loads them.
功能分析
Type: OpenClaw Skill
Name: skill-xiaohongshu
Version: 1.1.0
The skill bundle is classified as suspicious primarily due to the inclusion of a pre-populated 'data/cookies.json' file containing active session tokens and user IDs for a specific XiaoHongShu account, which is highly unusual and poses a security risk. Additionally, 'scripts/browser.js' initializes Puppeteer with high-risk security flags like '--disable-web-security' and '--disable-features=IsolateOrigins', while 'scripts/ensure-service.js' uses 'exec' to run shell commands for process management. While these appear intended for browser automation and service control, the presence of hardcoded credentials and broad permissions warrants caution.
能力评估
Purpose & Capability
Name/description (XHS automation) align with included code (puppeteer-based browser automation, MCP server, tools). However, the repository bundles a data/cookies.json containing many valid-looking session tokens (access-token, id_token, web_session, etc.), which is not explained in SKILL.md and is disproportionate: a reusable skill should not ship with active account cookies. The presence of placeholder repo/url and no homepage is also notable.
Instruction Scope
Runtime instructions tell the user to run npm install, npm run login and start the local MCP server. The code (BrowserManager.loadCookies) will automatically read data/cookies.json and set those cookies into the puppeteer page if the file exists — meaning the skill will attempt to act using the bundled credentials without explicit user consent. The server also listens default on 0.0.0.0 (all interfaces), which can expose the MCP endpoints beyond localhost if the host is network-reachable.
Install Mechanism
No remote download URLs; installation is via npm with dependencies declared in package.json (puppeteer, express, @modelcontextprotocol/sdk). Using puppeteer is expected for browser automation but will pull a Chromium binary during install (large footprint). No evidence of downloads from untrusted hosts or URL shorteners.
Credentials
The skill declares no required env vars, which is fine, but it relies on and ships credentials in data/cookies.json — effectively embedding secrets. This is disproportionate and dangerous because the included cookies may belong to a third party (or allow the skill immediate access to an account). The skill also respects XHS_PROXY/XHS_PORT/XHS_HOST which is reasonable, but defaulting to bind on 0.0.0.0 amplifies exposure.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills. It can be started detached (ensure-service spawns node detached), and the default host binding (0.0.0.0) and automatic service behavior may result in a long-running background service accessible on the network — the user should be cautious about running this on publicly reachable machines.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-xiaohongshu - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-xiaohongshu触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
v1.1.0: 重构为独立技能包,包含完整服务端代码,新增服务管理脚本
v1.0.0
Initial release of the 小红书自动化助手 skill with full MCP protocol support.
- Enables complete automation for 小红书(XHS/RED)via the local xhs-mcp-service.
- Supports login, feed search, note publishing, commenting, liking, favorites, and more (13 tools in total).
- Includes detailed deployment, usage, and environment variable setup instructions.
- Distinguishes between simple actions (usable via MCPorter) and complex actions (requiring Node.js scripts).
- Provides best practices and important operational notes for reliability and safety.
元数据
常见问题
小红书 MCP 服务 是什么?
小红书(XHS/RED)自动化助手。完整的小红书操作能力,包含 MCP 服务端。 当用户提到小红书、红书、XHS、RED、发笔记、搜笔记、小红书运营等任何与小红书相关的操作时使用此技能。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 287 次。
如何安装 小红书 MCP 服务?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-xiaohongshu」即可一键安装,无需额外配置。
小红书 MCP 服务 是免费的吗?
是的,小红书 MCP 服务 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
小红书 MCP 服务 支持哪些平台?
小红书 MCP 服务 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 小红书 MCP 服务?
由 wezn(@weznai)开发并维护,当前版本 v1.1.0。
推荐 Skills