tinadu-ai

Xiaohongshu Automation V2

Author: NANA · GitHub · v2.0.0
cross-platform ⚠ suspicious
Total downloads: 352
Favorites: 0
Currently installed: 1
Versions: 1
Install in OpenClaw
/install xiaohongshu-v2
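Description
Built on the Chrome DevTools Protocol, it provides complete automation of Xiaohongshu authenticated login, content publishing, search and discovery, and social interaction.
Security usage recommendations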
What to consider before installing/running this skill:
  - The code largely matches the described automation capability (it controls Chrome via CDP, manages profiles under ~/.xhs, and implements publishing/search/commenting flows), but the README includes hidden unicode control characters — inspect SKILL.md with a hex viewer or a trusted editor to ensure no hidden instructions are present.
  - The package will write persistent data to your home directory (~/.xhs): saved profiles, cookies, images, and a run.lock. If you plan to test, do so in an isolated account or container and back up any data you care about.
  - The code reads environment variables (CHROME_BIN to locate Chrome, XHS_PROXY for proxying) even though the skill metadata lists none. Be aware of these runtime knobs and set them intentionally; an attacker could try to direct traffic via a proxy if you unknowingly export one.
  - It launches Chrome with --no-sandbox/--disable-setuid-sandbox to support root execution; running Chrome without sandboxing is less secure. Avoid running this on production hosts or on machines with sensitive data — prefer an isolated VM or disposable container.
  - The skill can run system utilities to find/kill processes and will spawn subprocesses (Chrome). That behavior is necessary for this automation but consider limits: it can terminate processes bound to the CDP port if they conflict.
  - Network activity: the tool will fetch images from arbitrary URLs and talk to Chrome's local debugging endpoint. Review any URLs you pass to it and monitor outbound connections if you run it.
  - Recommended actions before use: review the full source (especially any truncated/omitted files), remove or neutralize hidden control characters in SKILL.md, run in an isolated environment, and inspect or pin third-party dependencies from requirements.txt.
If you plan to use real accounts, consider risks related to platform ToS and detection avoidance code (anti-detection/stealth) that may be ethically or legally problematic.
Functional analysis
Type: OpenClaw Skill
Name: xiaohongshu-v2
Version: 2.0.0
The skill bundle is a comprehensive Xiaohongshu automation suite using Chrome DevTools Protocol (CDP). It is classified as suspicious due to a potential JavaScript injection vulnerability in `scripts/xhs/comment.py` where the `user_id` parameter is unsafely interpolated into a browser-side `evaluate` call. Additionally, `scripts/chrome_launcher.py` launches Chrome with security-weakening flags such as `--no-sandbox` and `--disable-setuid-sandbox`. While these capabilities and the broad file/network access (e.g., in `scripts/image_downloader.py`) are aligned with the tool's stated purpose, they represent a significant attack surface and risky security practices.
Capability assessment
Purpose & Capability
Name/description align with the code: the package implements Chrome CDP automation for login, publishing, search, and interactions. The code manipulates Chrome, manages profiles under ~/.xhs, downloads images, and implements publish pipelines — all coherent with the stated purpose. However, some runtime environment variables (CHROME_BIN, XHS_PROXY) and local paths are relied on even though the skill metadata declares no required env/configs.
Instruction Scope
SKILL.md and CLI instruct running local Python commands that will: launch/kill Chrome, control pages via CDP, persist cookies and profiles under ~/.xhs, download remote images, and run lsof/netstat/taskkill to find/kill processes. Those actions are within the functional scope but the README contains detected unicode-control-chars (prompt-injection style) which is unexpected and suspicious. The instructions do not declare required env vars the code will read, leaving a mismatch between advertised and actual runtime behavior.
Install Mechanism
No install spec; code is bundled with the skill and runs as Python scripts. No external archive downloads or package installers are used by the skill package itself, which reduces supply-chain risk. It does import third-party libraries (requests, websockets) that would need to be present or installed via a requirements.txt referenced by SKILL.md.
Credentials
Skill metadata lists no required environment variables, but the code reads CHROME_BIN, XHS_PROXY and implicitly depends on a writable home directory (~/.xhs). It also interacts with the network to download images and uses system utilities (lsof/netstat/taskkill). Requesting/using CHROME_BIN and XHS_PROXY are reasonable for a browser automation tool, but the omission from metadata is a mismatch and increases the chance users won't notice these behaviors.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It persists data and profiles under ~/.xhs and can create/modify cookies and image caches there. It also intentionally adds Chrome flags (--no-sandbox, --disable-setuid-sandbox) to support running as root; this is functional for some environments but weakens process isolation and increases risk if the machine or containers host sensitive data.
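How to use
  1. Make sure OpenClaw is installed (locally or deployed via Docker)
  2. Enter the install command in the dialog box: /install xiaohongshu-v2
  3. Once installation completes, invoke the Skill by name or trigger it with /xiaohongshu-v2
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v2.0.0
A complete CDP-based Xiaohongshu automation solution; fixes the Chrome startup issue and supports login, publishing, search, and interaction
Metadata
Slug xiaohongshu-v2
Version 2.0.0
License
Total installs 1
Current installs 1
Number of versions 1
FAQ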

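What is Xiaohongshu Automation V2?

Built on the Chrome DevTools Protocol, it provides complete automation of Xiaohongshu authenticated login, content publishing, search and discovery, and social interaction. It is an AI Agent Skill plugin for Claude Code / OpenClaw and has been downloaded 352 times in total.

How do I install Xiaohongshu Automation V2?

Run the command "/install xiaohongshu-v2" in the OpenClaw or Claude Code dialog box for a one-step install; no additional configuration is required.

Is Xiaohongshu Automation V2 free?

Yes, Xiaohongshu Automation V2 is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Xiaohongshu Automation V2 support?

Xiaohongshu Automation V2 runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Xiaohongshu Automation V2?

Developed and maintained by NANA (@tinadu-ai); the current version is v2.0.0.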
