Total downloads: 2718
Favorites: 4
Current installs: 16
Versions: 16
Install in OpenClaw
/install xhs-skill
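Description
A single-entry skill for Xiaohongshu (Creator Center): log in to obtain cookies, publish notes, and export data (browser interaction is delegated to agent-browser-stealth)
Security usage recommendations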
This skill appears to do what it says: local helpers plus enforcement scripts around Xiaohongshu login, cookie export/normalization, payload verification and review. Before installing: (1) Review and run the included scripts locally to confirm behavior—they read/write files under data/ and config/, and will export cookies (these cookies can grant account access if mishandled). (2) If you enable the review script's AI features, ensure you understand which API key will be used (OpenAI keys are not declared in registry); only provide credentials you trust. (3) The SKILL.md enforces a strict response/output format (scanner flagged this as a potential prompt-override); this is probably harmless formatting guidance but be cautious about workflows that require pasting sensitive tokens into chat. (4) 'npm i' pulls only image/QR-related packages — if you prefer, inspect package.json and node_modules before running. If you need higher assurance, ask the author for a signed source/homepage or for explicit confirmation about whether any network calls (beyond optional AI calls) are performed by the scripts.
Functional analysis
Type: OpenClaw Skill
Name: xhs-skill
Version: 1.0.15
The skill is classified as suspicious primarily due to the `scripts/review_publish_payload.mjs` script making external API calls to OpenAI (or a configurable `OPENAI_BASE_URL`) for content moderation. This involves sending user-generated content (title, body, tags, and potentially base64-encoded images) to a third-party service. While the stated purpose is benign (content review and anti-AI measures), this capability represents a significant data privacy concern and a potential data exfiltration vector if the API key or the external service were compromised, or if the skill's true intent were malicious. Additionally, the `SKILL.md` instructs the AI agent to execute various shell commands (`node`, `agent-browser-stealth`, `sips`), which introduces a vulnerability risk if the agent's command execution mechanism does not robustly sanitize all user-provided inputs before execution, potentially leading to shell injection.
Capability assessment
Purpose & Capability
Name/description match the code and instructions: scripts and CLI focus on QR decoding, cookie normalization, login verification, publish payload verification, and content review. All files relate to Xiaohongshu workflows and no unrelated cloud or system credentials are requested.
Instruction Scope
The SKILL.md instructs the agent to delegate all browser interactions to agent-browser-stealth and to read/write artifacts under a local data/ directory (cookies, screenshots, exports). It also enforces strict output formatting (e.g., must run the CLI to decode QR and paste QR text + ASCII) and requires running local verification/audit scripts before publishing. This is expected for the skill's purpose, but the SKILL.md contains rigid '回传规范' (return/output rules) that were flagged as a potential system-prompt-override pattern — likely an instruction-level constraint rather than an actual prompt-injection exploit, but you should be aware it attempts to control agent output formatting.
Install Mechanism
There is no registry install spec in the metadata, but SKILL.md instructs users to run 'npm i' locally. package.json dependencies (jsqr, pngjs, qrcode-terminal) are reasonable and limited to QR/cookie/image utilities. No downloads from arbitrary URLs or extract-from-remote steps were found.
Credentials
The registry declares no required env vars or credentials, which matches most usage. Configuration includes an AI provider section (base_url set to api.openai.com) and the review script accepts an ai-provider option — AI calls appear optional and can be disabled via flags. If you enable AI features, an API key (not declared) would be needed; otherwise operation should be local. No unrelated secrets or cloud credentials are requested.
Persistence & Privilege
The skill is not always-on, is user-invocable, and does not request persistent system-wide privileges or modify other skills. It reads/writes only local files under data/ and project config; no elevated privileges or always:true settings were requested.
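How to use
- Make sure OpenClaw is installed (locally or via Docker)
- Enter the install command in the chat box: `/install xhs-skill`
- Once installation completes, call the Skill by name or trigger it with `/xhs-skill`
- Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v1.0.15
docs: improve publish-route location and read-back stability
v1.0.14
docs: add a quick pre-release self-check checklist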
v1.0.13
**Summary:**
Deprecates in-repo automation for note publishing; all publishing browser automation must now be executed by `agent-browser-stealth` in interactive sessions.
- Removed in-repository publishing script (`scripts/publish_from_payload.mjs`)
- Updated documentation to prohibit maintaining browser publishing automation within this repository
- Clarified all publishing actions must be manually or interactively controlled via `agent-browser-stealth`
- Documentation and workflow guidance updated accordingly, reflecting stricter separation of concerns
v1.0.12
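Add tiered review gates and risk_path/review_queue output
v1.0.11
Strengthen source-evidence and real-topic gates; tighten anti-AI checks
v1.0.10
Add an anti-AI copy gate and real tag-pool validation; require real-topic confirmation before publishing
v1.0.9
Switch fully to agent-browser-stealth, disable agent-browser, and add an anti-ban publishing strategy and rate gates
v1.0.8
Fix one-click publish upload: prefer input[type=file]
v1.0.7
Fix one-click publish: support the new agent-browser snapshot refs structure
v1.0.6
Add a one-click publish command, a no-links gate, and relaxed login acceptance
v1.0.5
Solidify the publishing reliability checklist: gates, image 3:4 check, post-publish read-back loop
v1.0.4
Strengthen trending-topic publishing gates: forbid publishing screenshots directly; enforce source validation for title, body, and tags
v1.0.3
Unify trigger metadata and login acceptance criteria: add openai.yaml, a login verification script, and a result contract
v1.0.2
Strengthen hard checks for login and publishing: web_session required, serial sessions, ref re-fetch, ProseMirror and title-length validation
v1.0.1
Fix login flow: the QR code must be returned as text and ASCII; returning only a file path is forbidden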
v1.0.0
xhs-skill v1.0.0
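- Initial release: consolidates Xiaohongshu (Creator Center) login, publishing, and data export capabilities into a single entry point; install once to use all features.
- All browser interactions (login, QR scanning, upload, screenshots, export, etc.) are delegated to agent-browser.
- All sensitive data (cookies, screenshots, exported files) is stored only in the local data/ directory.
- Provides a local CLI tool that supports QR code display, cookie normalization, and conversion to an HTTP header.
- Supports publishing image-and-text/video notes with an integrated automatic asset preparation workflow, making it easy for users to customize illustration or icon needs.
- Supports bulk export of data from the Creator Center (CSV/XLSX/screenshots) with automatic archiving to local storage.
Metadata
FAQ
What is Xhs Skill?
A single-entry skill for Xiaohongshu (Creator Center): log in to obtain cookies, publish notes, and export data (browser interaction is delegated to agent-browser-stealth). It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2718 cumulative downloads to date.
How do I install Xhs Skill?
Run the command "/install xhs-skill" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Xhs Skill free?
Yes, Xhs Skill is completely free (free and open source) and can be freely downloaded, installed, and used.
Which platforms does Xhs Skill support?
Xhs Skill runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).
Who developed Xhs Skill?
It is developed and maintained by 郭立lee (@leeguooooo); the current version is v1.0.15.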