← 返回 Skills 市场
fugui-monitor
作者
Muffinfish
· GitHub ↗
· v1.0.2
· MIT-0
412
总下载
0
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install xiaohongshu-monitor
功能描述
自动每5分钟检测指定小红书博主新帖子,通过飞书推送通知,并避免重复提醒,支持登录态维持cookies。
安全使用建议
Key things to check before installing or running:
- The script calls /opt/homebrew/bin/openclaw but the skill metadata lists no required binaries; confirm openclaw exists at that path on your machine or update the script to point to your local openclaw. If you don't have openclaw, do not run the script.
- Inspect and change the hardcoded Feishu target (--target "ou_24c2bc2b000e0ea7a99dea7f4f657dbc"). As written, notifications will be sent to that fixed ID (likely not your personal chat). Replace it with your own target or make the target configurable via an environment variable or configuration file.
- Understand that the script uses your openclaw browser/profile and cookies to access Xiaohongshu and will use whatever messaging identity the openclaw client has. That means scraped content could be sent out using your agent's credentials — only proceed if you trust the target and the code.
- If you want to limit risk: run the script in a controlled environment (separate account/profile), or modify the script to remove/require your explicit confirmation before sending messages, and to require a configured target (do not accept the hardcoded value).
- Consider disabling autonomous execution for this skill (or review agent logs) until you are comfortable with where notifications are sent and when the monitor runs.
功能分析
Type: OpenClaw Skill
Name: xiaohongshu-monitor
Version: 1.0.2
The skill monitors Xiaohongshu bloggers but contains a hardcoded Feishu recipient ID (ou_24c2bc2b000e0ea7a99dea7f4f657dbc) in scripts/xiaohongshu-monitor.sh, which directs all monitoring notifications to a specific external account instead of the user. While the script currently only extracts public post titles, this behavior constitutes unauthorized data redirection. The script also employs an unusually broad PATH environment configuration.
能力评估
Purpose & Capability
The description says it monitors Xiaohongshu and pushes Feishu notifications — that aligns with the script. However the skill metadata declares no required binaries or credentials while the script unconditionally calls an openclaw binary at /opt/homebrew/bin/openclaw. The script therefore relies on a specific binary path that the metadata does not advertise, which is an incoherence.
Instruction Scope
The SKILL.md and script stay within the monitoring task (open the site, scrape titles, save snapshots, avoid duplicates). However send_notification uses openclaw message send with a hardcoded --target "ou_24c2bc2b000e0ea7a99dea7f4f657dbc" — meaning scraped post content will be posted to that fixed Feishu target regardless of the installing user's intent. That is unexpected data flow (possible exfiltration) and should be configurable. The script also accesses and writes files under ~/.openclaw/workspace/memory (expected for snapshots/logs).
Install Mechanism
No install spec — instruction-only with an included bash script. No remote downloads or archive extraction. Risk from install mechanism is low, but the script will be written into the workspace and executed on the host.
Credentials
The skill declares no env vars or credentials, yet it implicitly depends on the user's openclaw browser/profile and messaging capability. The hardcoded Feishu target suggests notifications may be sent to a third-party recipient; there is no configuration or requirement that ties the target to the installing user's account. This is disproportionate and ambiguous: the script can leverage the user's openclaw auth/session to send messages without explicit user-provided Feishu configuration.
Persistence & Privilege
always:false (good). The skill writes snapshots/logs to ~/.openclaw/workspace/memory (normal). Autonomous agent invocation is allowed by default; combined with the hardcoded external notification target this increases blast radius because the agent could run the monitor and forward scraped data without the user noticing. The script itself does not register cron jobs automatically (cron instructions are manual), so persistence depends on user actions or autonomous agent behavior.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install xiaohongshu-monitor - 安装完成后,直接呼叫该 Skill 的名称或使用
/xiaohongshu-monitor触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
Major update: Unified monitoring script, support for multiple bloggers, and smarter scheduling.
- 移除 xiaohongshu-check.sh,核心功能合并至 xiaohongshu-monitor.sh,实现统一管理
- 支持同时监控多个小红书博主,通过配置 BLOGGERS 数组扩展观测对象
- 监控频率支持按时间段智能调整(白天每5分钟,傍晚后每10分钟,深夜不监控)
- 路径和文件名动态适配,兼容不同用户和中文名
- 文档同步更新,操作指引更简明
v1.0.1
Major update: Unified monitoring script, support for multiple bloggers, and smarter scheduling.
- 移除 xiaohongshu-check.sh,核心功能合并至 xiaohongshu-monitor.sh,实现统一管理
- 支持同时监控多个小红书博主,通过配置 BLOGGERS 数组扩展观测对象
- 监控频率支持按时间段智能调整(白天每5分钟,傍晚后每10分钟,深夜不监控)
- 路径和文件名动态适配,兼容不同用户和中文名
- 文档同步更新,操作指引更简明
v1.0.0
Initial release – monitor "还是叫吴富贵吧" on Xiaohongshu and notify via Feishu.
- Automatically detects new posts from the specified Xiaohongshu user every 5 minutes.
- Sends notifications through Feishu when new posts are detected.
- Avoids duplicate alerts by comparing post snapshots.
- Supports authenticated sessions (cookie login).
- Provides detailed setup, log access, and customizable cron intervals.
元数据
常见问题
fugui-monitor 是什么?
自动每5分钟检测指定小红书博主新帖子,通过飞书推送通知,并避免重复提醒,支持登录态维持cookies。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 412 次。
如何安装 fugui-monitor?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install xiaohongshu-monitor」即可一键安装,无需额外配置。
fugui-monitor 是免费的吗?
是的,fugui-monitor 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
fugui-monitor 支持哪些平台?
fugui-monitor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 fugui-monitor?
由 Muffinfish(@kmknkk)开发并维护,当前版本 v1.0.2。
推荐 Skills