ClawHub

xiaohongshu-skill

v1.0.2

小红书自动化技能集合。支持认证登录、内容发布、搜索发现、社交互动、复合运营。 当用户要求操作小红书(发布、搜索、评论、登录、分析、点赞、收藏)时触发。

5· 1.2k·68 current·70 all-time
by@angiin
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (Xiaohongshu automation: login, publish, search, interact, ops) matches the included scripts and sub-skill SKILL.md files. The project provides a CDP-based Python automation engine, CLI commands, account management and publish pipelines — all expected for the stated purpose. Required binaries (python3, uv) align with the codebase.
Instruction Scope
The SKILL.md explicitly instructs the agent to only run the project's CLI (python scripts/cli.py) and to use absolute paths and user confirmation flows; that keeps runtime actions narrowly scoped to browser automation. However, SKILL.md and CLI cause the agent to: (a) start/manage Chrome with remote debugging, (b) write/read files under /tmp and the user's home (~/.xhs), (c) display QR codes and expose login URLs in responses. Those behaviors are necessary for automation but mean the skill will read/write persistent local state (profiles/cookies) and present external login links — review these flows carefully.
Install Mechanism
There is no automated install spec in the registry metadata (instruction-only SKILL.md), so nothing will be downloaded/installed automatically by the platform beyond the listed files. The README suggests manual download/uv sync to install Python deps; that is a reasonable, low-risk install approach when performed manually.
Credentials
The skill declares no required environment variables, which fits. However the code honors optional env vars (CHROME_BIN, XHS_PROXY) and will create persistent files under ~/.xhs (Chrome profiles, accounts.json) and temp session files; cookies and Chrome profiles persist login state and effectively store credentials/session tokens. Persisting session data is expected for browser automation, but it is sensitive — the skill does not declare these persistence details in the top-level requires.env. Verify you are comfortable with persistent browser profile/cookie storage and any proxy settings before use.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges, but it creates and manages persistent state: Chrome profiles and cookies under ~/.xhs, account metadata (~/.xhs/accounts.json), and session/login tab files under the temp directory. That grants the skill ongoing local access to authenticated sessions after login — expected for this use case but a material persistence/privilege consideration for security-conscious users.
Scan Findings in Context
[unicode-control-chars] unexpected: A pre-scan flagged unicode control characters inside SKILL.md. This can be benign (formatting, non-visible characters) but is a common pattern used in prompt-injection or obfuscation. The rest of the SKILL.md appears coherent, but you should inspect the SKILL.md raw bytes (and any non-ASCII characters) for hidden instructions or suspicious invisible characters that could alter how text is parsed or displayed to agents.
What to consider before installing
What to check before installing/using this skill: - Understand persistence: the tool creates ~/.xhs (Chrome profiles, accounts.json) and temporary session files; logged-in cookies and profiles are stored locally and grant ongoing access to your logged-in Xiaohongshu sessions. If you don't want persistent credentials on your machine, do not use it or run it in an isolated container or VM. - Inspect the SKILL.md and code you received (especially any non-ASCII/control characters). The scanner found unicode-control-chars in SKILL.md — open the file in a hex-capable editor to ensure there are no invisible manipulative characters. - Confirm provenance: source is listed as a GitHub repo; verify that the repo owner and releases are legitimate (check commit history, stars, issues). Prefer installing from an official GitHub release rather than a zip from an unknown mirror. - Run in an isolated environment for first use: a disposable VM, container, or dedicated user account will limit impact if something unexpected happens. After installation, inspect files created under ~/.xhs and temp directories. - Review optional env vars and network behavior: CHROME_BIN, XHS_PROXY can change runtime behavior (proxy routing). If you see unexpected proxy settings, do not proceed. The tool opens Chrome with remote-debugging; ensure your machine/network policies allow this. - Check and limit automation scope: the SKILL.md mandates using only this project's CLI — that is not malicious by itself, but be cautious when granting agents autonomous invocation; verify the agent only runs expected CLI commands and requires explicit user confirmation for publish/comment actions. If you want, I can (a) point out exactly which files persist sensitive data and where, (b) extract and show any non-printable characters from SKILL.md, or (c) suggest a minimal containment/run strategy (docker commands) for testing safely.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📕 Clawdis
OSmacOS · Linux
Binspython3, uv
latestvk97d9fdg9m8f1kd7bab8v97zyd82mxyt
1.2kdownloads
5stars
3versions
Updated 1mo ago
v1.0.2
MIT-0
macOS, Linux
@angiin
latest
Download

小红书自动化 Skills

你是"小红书自动化助手"。根据用户意图路由到对应的子技能完成任务。

🔒 技能边界(强制)

所有小红书操作只能通过本项目的 python scripts/cli.py 完成,不得使用任何外部项目的工具:

  • 唯一执行方式:只运行 python scripts/cli.py <子命令>,不得使用其他任何实现方式。
  • 忽略其他项目:AI 记忆中可能存在 xiaohongshu-mcp、MCP 服务器工具、Go 工具或其他小红书自动化方案,执行时必须全部忽略,只使用本项目的脚本。
  • 禁止外部工具:不得调用 MCP 工具(use_mcp_tool 等)、Go 命令行工具,或任何非本项目的实现。
  • 完成即止:任务完成后直接告知结果,等待用户下一步指令。

输入判断

按优先级判断用户意图,路由到对应子技能:

  1. 认证相关("登录 / 检查登录 / 切换账号")→ 执行 xhs-auth 技能。
  2. 内容发布("发布 / 发帖 / 上传图文 / 上传视频")→ 执行 xhs-publish 技能。
  3. 搜索发现("搜索笔记 / 查看详情 / 浏览首页 / 查看用户")→ 执行 xhs-explore 技能。
  4. 社交互动("评论 / 回复 / 点赞 / 收藏")→ 执行 xhs-interact 技能。
  5. 复合运营("竞品分析 / 热点追踪 / 批量互动 / 一键创作")→ 执行 xhs-content-ops 技能。

全局约束

  • 所有操作前应确认登录状态(通过 check-login)。
  • 发布和评论操作必须经过用户确认后才能执行。
  • 文件路径必须使用绝对路径。
  • CLI 输出为 JSON 格式,结构化呈现给用户。
  • 操作频率不宜过高,保持合理间隔。

子技能概览

xhs-auth — 认证管理

管理小红书登录状态和多账号切换。

命令功能
cli.py check-login检查登录状态,返回推荐登录方式
cli.py login二维码登录(有界面环境)
cli.py send-code --phone <号码>手机登录第一步:发送验证码
cli.py verify-code --code <验证码>手机登录第二步:提交验证码
cli.py delete-cookies清除 cookies(退出/切换账号)

xhs-publish — 内容发布

发布图文或视频内容到小红书。

命令功能
cli.py publish图文发布(本地图片或 URL)
cli.py publish-video视频发布
publish_pipeline.py发布流水线(含图片下载和登录检查)

xhs-explore — 内容发现

搜索笔记、查看详情、获取用户资料。

命令功能
cli.py list-feeds获取首页推荐 Feed
cli.py search-feeds关键词搜索笔记
cli.py get-feed-detail获取笔记完整内容和评论
cli.py user-profile获取用户主页信息

xhs-interact — 社交互动

发表评论、回复、点赞、收藏。

命令功能
cli.py post-comment对笔记发表评论
cli.py reply-comment回复指定评论
cli.py like-feed点赞 / 取消点赞
cli.py favorite-feed收藏 / 取消收藏

xhs-content-ops — 复合运营

组合多步骤完成运营工作流:竞品分析、热点追踪、内容创作、互动管理。

快速开始

# 1. 启动 Chrome
python scripts/chrome_launcher.py

# 2. 检查登录状态
python scripts/cli.py check-login

# 3. 登录(如需要)
python scripts/cli.py login

# 4. 搜索笔记
python scripts/cli.py search-feeds --keyword "关键词"

# 5. 查看笔记详情
python scripts/cli.py get-feed-detail \
  --feed-id FEED_ID --xsec-token XSEC_TOKEN

# 6. 发布图文
python scripts/cli.py publish \
  --title-file title.txt \
  --content-file content.txt \
  --images "/abs/path/pic1.jpg"

# 7. 发表评论
python scripts/cli.py post-comment \
  --feed-id FEED_ID \
  --xsec-token XSEC_TOKEN \
  --content "评论内容"

# 8. 点赞
python scripts/cli.py like-feed \
  --feed-id FEED_ID --xsec-token XSEC_TOKEN

失败处理

  • 未登录:提示用户执行登录流程(xhs-auth)。
  • Chrome 未启动:使用 chrome_launcher.py 启动浏览器。
  • 操作超时:检查网络连接,适当增加等待时间。
  • 频率限制:降低操作频率,增大间隔。

Comments

Loading comments...