Xiaohongshu (小红书) Automation

Initial release of xiaohongshu-mcp skill. - Automate Xiaohongshu (RedNote) content operations via Python client for the xiaohongshu-mcp local server. - Supports publishing image, text, and video content to Xiaohongshu. - Enables searching for notes and trending topics, analyzing post details and comments, and managing user feeds and profiles. - Provides clear setup instructions for running the required local server and login steps. - Includes CLI Python script with commands for status checks, searching, publishing, and retrieving detailed note information.

OpenClaw analysis

The skill's code and instructions are internally consistent with its stated purpose (it drives a local Xiaohongshu MCP server and talks to localhost), but it requires running third‑party binaries that control your account session — review those binaries and use an isolated/test account before trusting them.

Confidence: medium

VirusTotal

Type: OpenClaw Skill Name: xiaohongshu-mcp Version: 1.0.0 The skill is classified as suspicious due to its reliance on external, third-party binaries for core functionality. The `SKILL.md` explicitly instructs the user to download and execute `xiaohongshu-mcp` and `xiaohongshu-login` binaries from a GitHub repository, which then run a local server. While the bundled Python client (`scripts/xhs_client.py`) only communicates with this local server (`http://localhost:18060`) and does not exhibit direct malicious behavior (e.g., data exfiltration, remote execution), the requirement to run untrusted external executables introduces a significant supply chain risk and places a high trust burden on the user for a component outside the skill bundle's direct control.