IceCube Social Ops

v1.0.0

🧊 IceCube 社交账号运营中心 — 管理 X/Twitter、小红书账号的登录、发布、互动全流程。需要 Boss 一次性登录授权后，系统自动运营。当用户提到'账号运营'、'社交账号'、'发布内容'、'Twitter 运营'、'小红书运营'时使用。

⭐ 0· 53·0 current·0 all-time

by@ares521521-design

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ares521521-design/icecube-social-ops.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "IceCube Social Ops" (ares521521-design/icecube-social-ops) from ClawHub.
Skill page: https://clawhub.ai/ares521521-design/icecube-social-ops
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install icecube-social-ops

ClawHub CLI

Package manager switcher

npx clawhub@latest install icecube-social-ops

Security Scan

Capability signals

Requires OAuth tokenRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

✓

Purpose & Capability

Name/description (social account management for X/Twitter and 小红书) align with the SKILL.md: it requires a browser connection and describes posting, monitoring, and reporting. Declared required skills (browser, xiaohongshu-publish, social-media-agent) are consistent with the stated capability.

Instruction Scope

The runtime instructions explicitly require starting Chrome with --remote-debugging-port=9222 and keeping Chrome logged in or saving cookies. That exposes the entire browser session (all logged-in accounts, cookies, and open tabs) to whatever code uses the debugging interface. The skill also instructs autonomous posting, following accounts, replying to DMs, and writing daily memory files — all privileged actions that may handle private data. The instructions do not mandate per-post approval by default (automatic publishing is the default), which increases risk.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files; nothing is downloaded or written by an installer. Low installation risk by itself.

Credentials

No environment variables or external credentials are requested, which on the surface is proportional. However, the recommended method (remote-debugging Chrome and optionally saving cookies) effectively grants access to browser-stored credentials and session cookies without declaring them. The skill also relies on other named skills whose own credential needs are not visible here; those could introduce additional required secrets.

ℹ

Persistence & Privilege

always is false (good). The skill is allowed to be invoked autonomously (platform default) and its purpose is automated posting; that combination is expected but has non-trivial blast radius — autonomous posting + full-browser access can act continuously until access is revoked. The skill writes daily memory files under memory/social-ops, which is consistent with its function.

What to consider before installing

What to consider before installing/using this skill: - Understand the big risk: enabling Chrome with --remote-debugging-port lets any local process with access to that port control the browser and read cookies, sessions, and pages. That can leak credentials and private messages for any account logged into that browser profile. - If you proceed, reduce exposure: use a dedicated Chrome profile or a separate browser instance that only has the social accounts you intend to automate; do not keep other personal accounts logged in there. - Prefer safer auth if possible: where supported, use official platform APIs with scoped API keys/tokens (and store those keys in controlled env vars) instead of sharing a whole browser session. The SKILL.md mentions Twitter API as optional — that is preferable when feasible. - Start conservatively: enable 'Boss approval' workflow (make publishing manual or require confirmation for the first N posts) rather than default auto-publish. - Monitor and revoke access: you can stop the skill by closing the Chrome instance with remote debugging or clearing the dedicated profile's cookies. Have a way to quickly revoke access and review logs of what the skill posts and messages it sends. - Verify dependencies: examine the actual implementations (the browser, xiaohongshu-publish, social-media-agent skills) before trusting them — they may request additional credentials or have their own behaviors. - If you want higher assurance: ask the publisher for code or a provenance report. If you cannot review dependent skills or the skill's code, treat this as a potentially high-risk automation and restrict its permissions accordingly. Why I rated this 'suspicious' rather than 'benign': the behavior requested (remote debugging + persistent logged-in browser sessions + autonomous posting and DM handling) is coherent with the stated purpose but grants broad access to potentially unrelated browser accounts and private data; that combination requires explicit user safeguards and more provenance than is provided here. Additional information that would lower risk: an implementation that uses scoped API tokens (not browser debugging), visible code for the dependent skills showing limited scope, or an explicit, enforceable approval flow for each publish.

Like a lobster shell, security has layers — review code before you run it.

latestvk972bwj2rrczh6x19j57pezxb1853nph

53downloads

0stars

1versions

Updated 1w ago

v1.0.0

MIT-0

🧊 IceCube 社交账号运营中心

Boss 授权一次，系统自动运营。

一、账号现状

平台	登录状态	发布能力	互动能力
X/Twitter	❌ 未登录	需要 OAuth 或登录	需要 OAuth 或登录
小红书	❌ 未登录	需要登录创作平台	需要登录

二、Boss 需要做的事（一次性）

X/Twitter 授权

方式 A：Browser 登录（推荐）

Boss 打开 Chrome，登录 x.com

启用 Chrome 远程调试：

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --remote-debugging-port=9222

IceCube 通过 browser skill 连接已登录的 Chrome
自动发布/互动

方式 B：Twitter API（可选）

需要 Twitter Developer 账号
申请 API Key + API Secret
配置 OAuth 2.0

小红书授权

方式：Browser 登录

Boss 打开 Chrome，访问 https://creator.xiaohongshu.com
使用手机小红书扫码登录
保持 Chrome 打开（或保存 cookies）
IceCube 通过 browser skill 自动发布

三、运营流程

日常发布流程

[凌晨] IceCube 生成内容（日记/教程/分享）
       ↓
[早上] 检查登录状态
       ↓
[定时] 自动发布（X: 9am/3pm/9pm, 小红书: 12:30pm/9:30pm）
       ↓
[全天] 监控互动（评论/点赞/私信）
       ↓
[晚间] 生成运营报告

发布日程

平台	时间	内容类型	频率
X/Twitter	09:00	AI 行业洞察	1 条
X/Twitter	15:00	IceCube 进展	1 条
X/Twitter	21:00	热点互动	1 条
小红书	12:30	技术教程/干货	1 条
小红书	21:30	IceCube Diary	1 条

四、内容来源

自动生成

X/Twitter：

AI 行业新闻 → web_fetch → 评论观点
IceCube Diary → 截取片段 → 发布
热点话题 → web_search → 参与讨论

小红书：

icecube-diary → 完整日记
icecube-content-factory → 教程内容
用户问题 → 解答 → 干货分享

内容审批（可选）

默认：自动发布

内容质量检查（无敏感词、格式正确）
自动发布

可选：Boss 审批

生成内容后发送给 Boss
Boss 确认后发布
适合初期运营

五、互动策略

X/Twitter 互动

主动互动：

关注相关账号（AI、OpenClaw、开发者）
回复热门推文（有价值观点）
转发有价值内容 + 评论

被动互动：

回复评论（24 小时内）
感谢点赞/转发
处理私信

小红书互动

评论回复：

技术问题 → 详细解答
合作意向 → 引导私信
简单感谢 → 礼貌回复

私信处理：

常见问题 → 自动回复模板
服务需求 → 记录并通知 Boss
合作机会 → 记录并通知 Boss

六、数据追踪

memory/social-ops/YYYY-MM-DD.md

# 社交运营日报 — YYYY-MM-DD

## X/Twitter
- 发布：3 条
- 曝光：XXX
- 互动：XX 点赞 / XX 转发 / XX 评论
- 新粉丝：+X
- 热门内容：[内容摘要]

## 小红书
- 发布：2 条
- 浏览：XXX
- 互动：XX 点赞 / XX 收藏 / XX 评论
- 新粉丝：+X
- 热门内容：[内容摘要]

## 转化
- 私信咨询：X 条
- 服务需求：X 条
- 知识星球引流：X 人

## 问题
- [任何需要 Boss 处理的问题]

七、风险控制

发布限制

平台	每日上限	安全间隔
X/Twitter	5 条	45 秒+
小红书	3 条	2 小时+

敏感词过滤

政治敏感词
广告敏感词
平台禁用词

异常处理

发布失败 → 记录日志 → 重试 1 次
登录失效 → 通知 Boss → 等待重新登录
限流 → 暂停发布 → 等待恢复

八、启动清单

Boss 操作

打开 Chrome，登录 x.com
启用 Chrome 远程调试（端口 9222）
登录小红书创作平台
确认两个平台都保持登录状态
告诉 IceCube "可以开始运营了"

IceCube 操作

验证 X/Twitter 登录状态
验证小红书登录状态
生成首发内容
开始自动运营

九、命令参考

检查登录状态

# 检查 Chrome 远程调试是否运行
curl -s http://localhost:9222/json/version

# 如果返回 JSON，Chrome 调试可用

手动发布测试

X/Twitter：

1. browser open → x.com/compose/post
2. 确认页面加载
3. 输入测试内容
4. 发布

小红书：

1. browser open → creator.xiaohongshu.com/publish/publish
2. 确认已登录
3. 输入测试内容
4. 发布

十、预期成果

第 1 周

发布：X 21 条 + 小红书 14 条
粉丝：X +50 + 小红书 +100
内容品牌确立

第 1 月

发布：X 90 条 + 小红书 60 条
粉丝：X +200 + 小红书 +500
收入转化：¥500-2000

第 3 月

发布：持续
粉丝：X +1000 + 小红书 +2000
收入转化：¥5000-20000

License

MIT — Use freely.

Boss 授权一次，系统自动运营。

⚠️ 当前状态

需要 Boss 操作：

登录 X/Twitter（Chrome 远程调试）
登录小红书创作平台

完成后告诉 IceCube： "账号已登录，开始运营"

Comments

Loading comments...