Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

xiaohongshu-mcp-openclaw

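Use when the user mentions Xiaohongshu/XHS/Rednote and needs to search notes by keyword, view note details, fetch comments, or count likes and comments. Provides a unified query flow through xpzouying/xiaohongshu-mcp + mcporter.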

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 33 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description match what the files do: the scripts and Python client call mcporter and a local xiaohongshu-mcp HTTP MCP server to search notes, fetch details/comments, and summarize metrics. Required binaries (bash, mcporter, python3, jq) and the included scripts are appropriate for this purpose.
Instruction Scope
SKILL.md instructs the agent to run the included shell scripts and python client which only interact with the local MCP server, local files (logs, png QR file, tmp files, ~/.openclaw, ~/.agents), and the mcporter CLI. It directs the agent to return QR file/open_command to the user (expected for login flows). There is no instruction to read unrelated system secrets or arbitrary host files.
Install Mechanism
Install steps are standard but include network installs: the registry metadata offers an npm/node install for 'mcporter' (node package) and setup.sh uses 'go install' to fetch github.com/xpzouying/xiaohongshu-mcp. These are traceable and expected for this skill, but they pull code from external registries/hosts (npm, Go proxy/GitHub). This is moderate risk compared to instruction-only skills — review upstream repositories before running installs.
Credentials
The skill purposely requires no secret env vars. It does write files under the user's home (~/.openclaw, ~/.agents, /tmp) and can install system services (launchd/systemd) if the user runs service_install.sh. Preflight/setup may require 'go' to build the xiaohongshu-mcp binary even though go is only listed as optional in preflight (a minor mismatch between declared required bins and the practical install path).
Persistence & Privilege
always:false (good). The skill does create persistent copies under ~/.openclaw and by default syncs into ~/.agents/skills; it also optionally installs a user-level service (launchd/systemd) to keep the MCP process running. These behaviors are within scope but are persistent and should be opted into consciously by the user.
Assessment
This skill appears to do what it claims (manage a local xiaohongshu-mcp service and query it via mcporter). Before installing or running:
  1) Inspect and trust the remote sources that will be fetched (npm package 'mcporter' and the GitHub module github.com/xpzouying/xiaohongshu-mcp).
  2) Run preflight.sh and inspect scripts to confirm you accept files written under ~/.openclaw and ~/.agents and any systemd/launchd unit files if you plan to enable the service.
  3) Prefer running in a controlled environment (VM/container) if you are unsure, and avoid running service_install.sh until you trust the binaries.
  4) Note the minor mismatch: setup.sh may require Go to build the MCP binary even though 'go' is optional — install steps can fetch and compile remote code.
config/mcporter.json:4
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
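
A way to triage a "URL shortener or raw IP" finding by hand, as an added example that is not part of the skill or of ClawHub's scanner: it walks every string in a JSON config, extracts URLs, and buckets each host so that a loopback endpoint for a local server can be told apart from a LAN address, a public IP or a shortener. The shortener list, the key names and the sample config are assumptions constructed for illustration; the page does not show the contents of config/mcporter.json.

```python
import ipaddress
import json
import re
from urllib.parse import urlsplit

# Assumption: a short, non-exhaustive shortener list chosen for illustration.
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "is.gd"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def iter_strings(node, path="$"):
    """Yield (json_path, value) for every string in a parsed JSON tree."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from iter_strings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from iter_strings(value, f"{path}[{i}]")
    elif isinstance(node, str):
        yield path, node

def classify_host(host):
    """Bucket a URL host so loopback endpoints are not treated like remote ones."""
    host = host.lower().rstrip(".")
    if host in SHORTENERS:
        return "shortener"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "loopback-name" if host == "localhost" else "hostname"
    if ip.is_loopback:
        return "loopback-ip"
    if ip.is_private or ip.is_link_local:
        return "private-ip"
    return "public-ip"

def triage(config_text):
    """Return (json_path, url, bucket) for each URL found in the JSON config."""
    return [(path, url, classify_host(urlsplit(url).hostname or ""))
            for path, value in iter_strings(json.loads(config_text))
            for url in URL_RE.findall(value)]

# Constructed sample, not the skill's real config/mcporter.json.
SAMPLE = json.dumps({"servers": {
    "local": {"url": "http://127.0.0.1:8080/mcp"},
    "lan": {"url": "http://10.0.0.5:8080/mcp"},
    "short": {"url": "https://bit.ly/example"},
    "named": {"url": "https://mcp.example.com/mcp"}}})

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep="  ")
```

Run against the real file, anything bucketed as shortener or public-ip is what deserves a closer look before installing.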


Current version: v1.0.0


Runtime requirements

📕 Clawdis
Bins: bash, mcporter, python3, jq

Install

Install mcporter (node)
Bins: mcporter
npm i -g mcporter

SKILL.md

xiaohongshu-mcp-openclaw

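This skill provides a single workflow for:

  • Searching notes by keyword
  • Fetching note details and comments
  • Outputting normalized metrics such as like and comment counts
  • Fetching multiple notes and summarizing them automatically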

Quick Start

Initialize (install the server + start + register + smoke test + login guard):

bash {baseDir}/scripts/quickstart.sh

Environment preflight check before distribution:

bash {baseDir}/scripts/preflight.sh

Available once installed into OpenClaw:

bash {baseDir}/scripts/install_to_openclaw.sh
openclaw skills info xiaohongshu-mcp-openclaw

By default it also syncs to ~/.agents/skills/xiaohongshu-mcp-openclaw-1.0.0; set XHS_SYNC_AGENTS_SKILL=0 if you do not want this.

Agent Rules (Critical)

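  • When the user mentions "login / scan the QR code / cannot see the QR code / fail to login / not logged in", you must first run:
bash {baseDir}/scripts/login_qr.sh xiaohongshu-mcp
  • The reply to the user must include qr_file and open_command from the script output (if present).
  • If status=qr_url_ready is returned, you must return qr_url_hint (and open_command if present); do not just say "please scan the QR code".
  • Do not call mcporter call xiaohongshu-mcp.get_login_qrcode --output raw directly and then give only a text prompt.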

Core Commands

Login guard (returns immediately if already logged in):

python3 {baseDir}/scripts/xhs_mcp_client.py --server xiaohongshu-mcp ensure-login

QR code login (recommended; writes a PNG to disk and returns a path that can be opened):

bash {baseDir}/scripts/login_qr.sh xiaohongshu-mcp

Generate the QR code file only, without opening it automatically:

XHS_QR_AUTO_OPEN=0 bash {baseDir}/scripts/login_qr.sh xiaohongshu-mcp

Login guard in compact mode (does not return the full QR code base64):

python3 {baseDir}/scripts/xhs_mcp_client.py --server xiaohongshu-mcp ensure-login --strip-qr-image

Dedicated login flow (temporarily headful; switches back to headless automatically after success):

bash {baseDir}/scripts/login_flow.sh xiaohongshu-mcp 120

Keyword search:

python3 {baseDir}/scripts/xhs_mcp_client.py --server xiaohongshu-mcp search --keyword 防晒 --limit 5

Details + comments report:

python3 {baseDir}/scripts/xhs_mcp_client.py --server xiaohongshu-mcp report --keyword 防晒 --search-limit 5 --comment-limit 3

Multi-note summary:

bash {baseDir}/scripts/multi_summary.sh 防晒 5 2

Login diagnostics:

bash {baseDir}/scripts/login_doctor.sh xiaohongshu-mcp

Build a shareable distribution package:

bash {baseDir}/scripts/build_distribution.sh

Optional: install a system-level persistent service (prevents the server going offline by the next day):

bash {baseDir}/scripts/service_install.sh xiaohongshu-mcp
bash {baseDir}/scripts/service_status.sh xiaohongshu-mcp

Notes

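  • Default is headless=true, to avoid frequently popping up browser windows.
  • The scripts mainly target Linux/macOS shells; on Windows, WSL or Git Bash is recommended.
  • Persistent service support: macOS launchd, Linux systemd --user
  • Query commands include a login precheck by default (if not logged in, they return immediately and prompt for ensure-login).
  • ensure-login includes the QR code image data by default, so the upstream agent can display the QR image directly.
  • For login scenarios, prefer scripts/login_qr.sh, which saves the QR code to a local PNG (default ~/.openclaw/workspace/xhs-login-qrcode.png), avoiding the "prompted to scan but no QR image visible" case.
  • xhs_mcp_client.py/login_qr.sh handle mcporter's non-standard object output (JS object literal) and can parse the QR code without depending on PyYAML.
  • Do not call mcporter call xiaohongshu-mcp.get_login_qrcode --output raw directly and reply with text only; you must return qr_file (or open_command) to the user.
  • If the service is not running, xhs_mcp_client.py returns error_type=server_offline and directly executable next_commands (start first, then retry); do not just reply "offline".
  • For detail/comments, passing xsec_token is recommended (it can be taken from search results).
  • When a login or CAPTCHA prompt appears, the user must complete the verification manually and then retry.
  • A response of "Sorry, This Page Isn't Available Right Now." usually means the target note is not visible to the current account.
  • If a new session has not loaded this skill, first run openclaw skills info xiaohongshu-mcp-openclaw; if it is not found, run bash {baseDir}/scripts/install_to_openclaw.sh and then open a new session.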

Full Docs

For detailed usage, see:

  • README.md
  • references/field-mapping.md
