小红书自动化 V2

What to consider before installing/running this skill: - The code largely matches the described automation capability (it controls Chrome via CDP, manages profiles under ~/.xhs, and implements publishing/search/commenting flows), but the README includes hidden unicode control characters — inspect SKILL.md with a hex viewer or a trusted editor to ensure no hidden instructions are present. - The package will write persistent data to your home directory (~/.xhs): saved profiles, cookies, images, and a run.lock. If you plan to test, do so in an isolated account or container and back up any data you care about. - The code reads environment variables (CHROME_BIN to locate Chrome, XHS_PROXY for proxying) even though the skill metadata lists none. Be aware of these runtime knobs and set them intentionally; an attacker could try to direct traffic via a proxy if you unknowingly export one. - It launches Chrome with --no-sandbox/--disable-setuid-sandbox to support root execution; running Chrome without sandboxing is less secure. Avoid running this on production hosts or on machines with sensitive data — prefer an isolated VM or disposable container. - The skill can run system utilities to find/kill processes and will spawn subprocesses (Chrome). That behavior is necessary for this automation but consider limits: it can terminate processes bound to the CDP port if they conflict. - Network activity: the tool will fetch images from arbitrary URLs and talk to Chrome's local debugging endpoint. Review any URLs you pass to it and monitor outbound connections if you run it. - Recommended actions before use: review the full source (especially any truncated/omitted files), remove or neutralize hidden control characters in SKILL.md, run in an isolated environment, and inspect or pin third-party dependencies from requirements.txt. If you plan to use real accounts, consider risks related to platform ToS and detection avoidance code (anti-detection/stealth) that may be ethically or legally problematic.