小红书长图文发布
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill is purpose-aligned for publishing to Xiaohongshu, but it can use a logged-in browser account to complete a public post without an explicit final user approval step.
Only use this skill when you are ready for the agent to operate your logged-in Xiaohongshu creator account. Before allowing the final publish action, review the active account, title, body, formatting preview, tags, and any location/originality settings, then give explicit approval.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked at the wrong time or with unintended content, the agent could publish a post to the user's Xiaohongshu account.
The instructions direct the agent to click the final publish button on a public social-media platform, but do not require an explicit user confirmation after preview and before publication.
### Step 6: 发布(约 10 秒) 1. 点击 **"发布"** 按钮 2. 等待 3-5 秒 3. 点击左侧 **"笔记管理"** 验证
Add a mandatory final checkpoint: show the title, body, cover/preview, tags, and account being used, then ask the user for explicit confirmation before clicking '发布'.
The agent can perform actions as the logged-in account within the creator platform, including creating public posts.
The skill depends on an already authenticated Xiaohongshu creator account in the OpenClaw browser profile. This is expected for publishing, but it means the agent is acting with the user's account privileges.
- 小红书账号已登录(在 openclaw 浏览器中) - 已开通创作服务平台权限
Use a dedicated browser profile/account where possible, confirm the active account before publishing, and avoid leaving broader unrelated sessions open in the same profile.
Browser control lets the agent interact with webpages in the active profile, so mistakes could affect other logged-in web sessions if the workflow is not kept scoped.
The skill asks the user to confirm browser host-control capability so the agent can operate the browser. This is coherent with the automation purpose, but it is a broad browser-control permission.
"allowHostControl": true
Run the workflow in a dedicated OpenClaw browser profile and keep the agent confined to the Xiaohongshu creator page.
Users have limited external context for who maintains the workflow or how it was validated.
The registry metadata does not provide a source repository or homepage. This is less risky for an instruction-only skill, but provenance matters because the instructions involve account-backed publishing.
Source: unknown Homepage: none
Prefer skills with clear provenance, or manually review the single SKILL.md before use.