Xiaohongshu (小红书) Automation
Automate Xiaohongshu (RedNote) content operations using a Python client for the xiaohongshu-mcp server. Use for: (1) Publishing image, text, and video content, (2) Searching for notes and trends, (3) Analyzing post details and comments, (4) Managing user profiles and content feeds. Triggers: xiaohongshu automation, rednote content, publish to xiaohongshu, xiaohongshu search, social media management.
No comparison available
A previous version is required before a diff can be generated.
Security Scan
Status
clean
OpenClaw
gpt-5-mini
OpenClaw analysis
The skill's code and instructions are internally consistent with its stated purpose (it drives a local Xiaohongshu MCP server and talks to localhost), but it requires running third‑party binaries that control your account session — review those binaries and use an isolated/test account before trusting them.
Confidence: medium
VirusTotal
Type: OpenClaw Skill Name: xiaohongshu-mcp Version: 1.0.0 The skill is classified as suspicious due to its reliance on external, third-party binaries for core functionality. The `SKILL.md` explicitly instructs the user to download and execute `xiaohongshu-mcp` and `xiaohongshu-login` binaries from a GitHub repository, which then run a local server. While the bundled Python client (`scripts/xhs_client.py`) only communicates with this local server (`http://localhost:18060`) and does not exhibit direct malicious behavior (e.g., data exfiltration, remote execution), the requirement to run untrusted external executables introduces a significant supply chain risk and places a high trust burden on the user for a component outside the skill bundle's direct control.