xiaohongshu-mcp
Verified Safeby xpzouying
Overview
Automate content creation, publishing, and interaction (search, detail, comment, like, favorite) on the Xiaohongshu platform via Model Context Protocol (MCP) and HTTP APIs, primarily for AI agent integration.
Installation
docker compose up -dEnvironment Variables
- ROD_BROWSER_BIN
- COOKIES_PATH
Security Notes
The service uses `go-rod` for browser automation, which inherently involves rendering external web content and poses risks related to browser vulnerabilities (e.g., zero-days) if exploited. It explicitly mentions being for 'learning purposes only' and prohibiting 'illegal activities'. CORS is set to `*`, which is a common setup for local development/integration but less secure for public-facing deployments. File system operations for cookies and downloaded images are standard for this type of tool but require host system security. Panic recovery is implemented for MCP tool handlers. The image downloader attempts basic file type detection but could still be a vector for malicious content if not carefully managed by the user. The `xsec_token` is passed as a string, its security depends on the underlying Xiaohongshu platform and how it's handled in the `xiaohongshu` package (which is truncated).
Similar Servers
wecom-bot-mcp-server
An MCP server that enables AI assistants to send various message types, files, and images to WeCom (WeChat Work) groups, supporting single or multiple bot configurations.
mcp-discord
Enables AI assistants to interact with the Discord platform by providing a set of Discord-related functionalities via the Model Context Protocol (MCP).
RedNote-MCP
Access and interact with Xiaohongshu (RedNote) content through Model Context Protocol (MCP) by automating browser interactions.
qiniu-mcp-server
Provides a Model Context Protocol (MCP) server that enables AI models to interact with Qiniu cloud services including storage, intelligent multimedia processing, CDN, and live streaming.