掘金自动发布
v1.0.3掘金自动发布 - 一键发布文章到掘金,支持定时发布、标签优化、封面设置。适合:内容创作者、技术博主。
⭐ 0· 327·1 current·1 all-time
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
Purpose (publish to juejin.cn) matches the instructions to call juejin APIs with a session cookie. However the SKILL.md references local scripts (~/.openclaw/workspace/custom/juejin_publisher.py, extract_juejin_cookie.py) and a config file (~/.openclaw/workspace/JUEJIN.md) even though the registry metadata declares no required config paths and no code files are bundled. That discrepancy is unexplained.
Instruction Scope
Instructions ask the user (or agent) to extract and persist the full 掘金 Cookie and run local Python scripts. The skill provides example scripts/snippets but does not actually include the referenced scripts or a load_cookies implementation. Asking users to copy session cookies is sensitive because those cookies grant full access to the account; the instructions do not limit or explain scope, nor do they provide any secure-storage guidance.
Install Mechanism
There is no install spec and no code shipped with the skill (instruction-only). That is lower risk in terms of arbitrary downloads. The risk arises from missing referenced scripts (instructions expect files that are not present).
Credentials
The skill declares no required environment variables or config paths, yet the instructions require storing and reading a cookie file at ~/.openclaw/workspace/JUEJIN.md and using cookie values for authentication. The request for the user's session cookie is directly related to purpose, but the absence of a declared config path or credential field is an inconsistency and reduces transparency.
Persistence & Privilege
always:false (good). But the instructions encourage persisting a session cookie in the user's workspace, which creates a sensitive long-lived credential usable by the agent. Since the platform allows autonomous invocation by default, installing this skill would permit the agent to act using that cookie unless you restrict invocation—this combination increases potential for unintended account actions.
What to consider before installing
This skill claims to automate publishing to 掘金, which is plausible, but the SKILL.md expects local Python scripts and a persistent cookie file that are not included or declared. Before installing or using it: 1) Do not paste your full 掘金 session cookie into chat or untrusted inputs. Treat the cookie like a password — anyone with it can act as you. 2) Ask the publisher for the actual scripts or an install spec, or provide your own vetted scripts; do not run unknown .py files. 3) Prefer short‑lived API tokens if the service supports them, or keep the cookie in a secure secret store rather than a plain file in your workspace. 4) If you install, restrict autonomous invocation or audit actions the agent takes (so it cannot publish without explicit approval). 5) If you must use the provided workflow, inspect any extract_juejin_cookie.py / juejin_publisher.py code before executing, and verify where cookies are written and who can read them.Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
📝 Clawdis
Binspython3
chineselatest
掘金自动发布 Skill
一键发布文章到掘金,自动化内容分发。
核心功能
1. 自动登录
- Cookie 持久化
- 自动续期
- 失败提醒
2. 文章发布
- Markdown 支持
- 自动生成摘要
- 标签推荐
- 封面设置
3. 定时发布
- 指定发布时间
- 队列管理
- 发布确认
使用方法
发布文章
python3 ~/.openclaw/workspace/custom/juejin_publisher.py \
--title "文章标题" \
--content "文章内容(Markdown)" \
--tags "Python,AI,自动化"
定时发布
python3 ~/.openclaw/workspace/custom/juejin_publisher.py \
--title "文章标题" \
--file article.md \
--schedule "2026-03-12 09:00"
批量发布
python3 ~/.openclaw/workspace/custom/juejin_publisher.py \
--queue ~/.openclaw/workspace/memory/content-queue/
配置文件
~/.openclaw/workspace/JUEJIN.md
# 掘金 Cookie(登录后获取)
cookie: "你的掘金 Cookie"
# 默认标签
default_tags:
- 后端
- Python
- AI
# 发布设置
publish:
# 是否立即发布
auto_publish: true
# 默认封面(留空自动生成)
cover_image: ""
# 文章分类
category: "后端"
# 定时发布队列
queue_dir: "~/.openclaw/workspace/memory/content-queue/"
Cookie 获取方法
方法 1:浏览器开发者工具
- 登录掘金 juejin.cn
- F12 打开开发者工具
- Network → 找到任意请求
- Headers → Cookie → 复制完整值
方法 2:使用脚本
python3 ~/.openclaw/workspace/custom/extract_juejin_cookie.py
API 说明
发布接口
POST https://api.juejin.cn/content_api/v1/article_draft/create
Headers:
Cookie: [你的Cookie]
Body:
{
"title": "文章标题",
"mark_content": "Markdown 内容",
"category_id": "分类ID",
"tag_ids": ["标签ID"],
"brief_content": "摘要"
}
标签 ID 对照
{
"后端": "6809637773935378440",
"前端": "6809637771516121096",
"Python": "6809637771516119047",
"AI": "6809637771516120071",
"自动化": "6809637771516121096"
}
错误处理
Cookie 失效
❌ Cookie 失效,请重新登录
→ 执行 python3 extract_juejin_cookie.py
发布失败
❌ 发布失败:[错误信息]
→ 检查网络连接
→ 检查文章格式
→ 重试
最佳实践
发布时间
- 工作日 9:00-10:00(早高峰)
- 工作日 12:00-13:00(午休)
- 工作日 18:00-19:00(下班)
- 周末 10:00-11:00
标签选择
- 选择 3-5 个相关标签
- 优先选择热门标签
- 不要选择无关标签
标题优化
- 长度:15-30 字
- 包含关键词
- 有吸引力但不夸张
实战经验
✅ 成功案例
- 发布 15+ 篇文章
- 100% 发布成功率
- Cookie 有效期 > 1 年
⚠️ 注意事项
- 避免短时间大量发布(会被限流)
- 文章要有真实价值(不要纯广告)
- 互动能增加曝光(及时回复评论)
完整示例
#!/usr/bin/env python3
import requests
def publish_article(title, content, tags):
cookies = load_cookies()
url = "https://api.juejin.cn/content_api/v1/article_draft/create"
data = {
"title": title,
"mark_content": content,
"category_id": "6809637773935378440",
"tag_ids": tags,
"brief_content": content[:100]
}
response = requests.post(url, json=data, cookies=cookies)
return response.json()
# 使用
publish_article(
"用 OpenClaw 自动化赚钱",
"# 前言\n...",
["6809637771516119047", "6809637771516120071"]
)
创建:2026-03-11 版本:1.0 状态:✅ 实战验证(已发布 15+ 篇)
Comments
Loading comments...