xiaohongshu-mcp
Verified Safeby xpzouying
Overview
Automates interactions with the Xiaohongshu (RedNote) platform via an HTTP API and Model Context Protocol (MCP), enabling AI clients to publish content, search, retrieve feed details, and manage user interactions.
Installation
docker compose up -dEnvironment Variables
- ROD_BROWSER_BIN
- COOKIES_PATH
Security Notes
The HTTP API uses '*' for CORS, which allows requests from any origin, potentially broadening the attack surface if the API is exposed to untrusted networks without additional authentication. The image/video downloader function, while validating `http/https` schemes, does not prevent Server-Side Request Forgery (SSRF) to internal network IPs, though a 30-second timeout helps mitigate resource exhaustion attacks. Cookie handling is local with `0644` file permissions, but account security relies heavily on the server's deployment environment and user practices. No explicit API key or token-based authentication beyond session cookies is observed for the HTTP API endpoints.
Similar Servers
wecom-bot-mcp-server
Facilitates sending messages, images, and files to WeCom (WeChat Work) groups via the Model Context Protocol (MCP).
mcp-discord
An MCP server that enables AI assistants to interact with the Discord platform by providing tools for communication, channel management, and server information retrieval.
RedNote-MCP
Provides a Model Context Protocol server to access and interact with Xiaohongshu (RedNote) content.
qiniu-mcp-server
Provides a Model Context Protocol (MCP) server that enables AI models to interact with Qiniu cloud services including storage, intelligent multimedia processing, CDN, and live streaming.