Xiaohongshu Ops

This skill appears to do what it says: automated Xiaohongshu profile management, content + image asset generation, and browser-driven publish automation. Before installing or running it, consider the following: - Review the publish scripts (scripts/xhs_independent_publish.js and scripts/xhs_publish.js). They will launch Playwright/Chromium, open a persistent browser profile at ~/.openclaw/browser/xhs-independent-user-data, upload images, fill fields, and can click the publish button automatically. If you want to prevent automatic publishes, set the profile to require review-before-publish or manually run the scripts in review mode. - Playwright/Chromium and Node are prerequisites; the skill does not include an install spec. Run it only in an environment where adding a persistent user-data-dir and launching browsers is acceptable. - The skill writes local files under data/xiaohongshu/ and /tmp/openclaw/uploads and will create ~/.openclaw/browser/xhs-independent-user-data. Do not point the skill at a browser profile that contains unrelated sensitive sessions or data. - The publish script uses spawnSync('pkill', ['-f', 'xhs-independent-user-data']) to clear locks. This is likely safe for its intended use but could kill any process whose command line matches that string; be cautious on multi-user or shared hosts. - There are no requested external credentials, and the stock-image planner only writes a plan (it does not automatically call Unsplash/Pexels APIs). If you plan to integrate stock provider APIs, add credentials intentionally and review that code path. - If you have limited trust in the skill author or want to be safer, run it in an isolated environment (container or VM), inspect/modify scripts to require manual confirmation before clicking the final publish selector, and enable review-before-publish in profile.json. If you want, I can point out the exact lines that perform browser automation and the pkill call so you can inspect them quickly.