RedNote Publish Auto
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for creating and publishing Xiaohongshu posts, but it needs a full account cookie and includes an optional API mode that can hand that cookie to an unreviewed service.
Install only if you are comfortable giving the skill a full Xiaohongshu account cookie and letting it publish after explicit confirmation. Use a dedicated account, verify every preview before publishing, avoid API mode unless the service is local and trusted, and revoke the cookie/session when finished.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the cookie is exposed or misused, someone could publish as the user or otherwise act through the logged-in account.
The skill requires a full Xiaohongshu session cookie that can act as the user's account, but the registry metadata declares no primary credential or required environment variable.
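A cookie is equivalent to your account password! ... Whoever holds this cookie can perform publish operations on behalf of your account ... The cookie is saved at: `~/.openclaw/workspace/.xhs_cookie.env`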
Use a dedicated Xiaohongshu account, keep the cookie out of chats/logs, revoke the browser session after use, and require the skill metadata to declare XHS_COOKIE as a sensitive credential.
A mistaken confirmation could still result in unwanted public content being posted.
The skill can publish to a public social-media account, but it explicitly documents a required user confirmation before the publish step.
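Before step four, "Publish to Xiaohongshu", a content preview is shown; **publishing runs only after the user explicitly confirms "可以发布" (OK to publish)**; nothing is published automatically.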
Review the generated title, description, images, and target account carefully before saying "可以发布" (OK to publish); consider testing with private posts or a secondary account.
If XHS_API_URL points to an untrusted or remote service, the account cookie could be disclosed to that service.
In API mode, the full account cookie is sent to a configured API service. The default is localhost, but the URL is environment-controlled and the service boundary is not clearly documented in SKILL.md.
return os.getenv('XHS_API_URL', 'http://localhost:5005') ... requests.post(f"{self.api_url}/init", json={"session_id": self.session_id, "cookie": self.cookie})
Avoid --api-mode unless the API service is local and trusted; document this data flow clearly, enforce localhost or HTTPS, and never send the cookie to an unknown endpoint.
Users may obtain and run an unreviewed helper service that receives account credentials.
The script suggests starting an xhs-api helper, but no xhs-api service files are present in the provided manifest; that helper would be relevant to a mode that receives the user's full cookie.
print(f" cd xhs-api && python app_full.py")
Include the helper service source in the skill package or remove API mode; pin and document all external components before asking users to provide cookies.
