xhsmander

小红书自动化发布技能。通过 Docker 容器中的 xiaohongshu-mcp 服务，实现登录、发布图文、搜索、互动等操作。 当用户提到发小红书、发笔记、发布内容、扫码登录小红书、小红书自动化、小红书发布时使用此技能。

This package generally does what its description says, but take the following precautions before using it: - Treat the Docker image as untrusted until inspected. Either review the image source (xpzouying/xiaohongshu-mcp) on Docker Hub, pull and inspect it locally, or run it inside an isolated VM/container host. - Fix the hardcoded Windows paths in scripts (check_status.py, get_qr.py, publish_post.py) before running on your machine; they won't work on non-Windows systems and may overwrite files if the exact path exists. - Review or run the Python scripts locally to confirm they only interact with localhost:18060 and write to the intended skill directories; they do not appear to exfiltrate data to remote endpoints in their current form. - Protect the ./data volume: cookies and session state are stored there. If you don't want persistent login state, clear or mount the volume to a controlled location. - If you cannot verify the Docker image, consider rebuilding the MCP service from a trusted source or avoid running the image altogether. If you want, I can list the exact files that write to absolute host paths and suggest safe replacements, or help craft commands to inspect the Docker image before running it.

Type: OpenClaw Skill Name: xhsmander Version: 1.0.1 The skill bundle provides Xiaohongshu automation via a local Docker-based MCP service. While the logic aligns with the stated purpose, several scripts (check_status.py, get_qr.py, and publish_post.py) contain hardcoded absolute Windows file paths (e.g., 'C:\Users\15822\...') for logging results and saving QR codes. This indicates a lack of sanitization and potential for execution failure on other systems. Additionally, the core logic is offloaded to an external Docker image (xpzouying/xiaohongshu-mcp), which introduces a third-party dependency risk for handling sensitive session cookies.