这是一款基于 Playwright 开发的小红书自动搜索和评论工具,作为 MCP Server,可通过特定配置接入 MCP Client(如Claude for Desktop),帮助用户自动完成登录小红书、搜索关键词、获取笔记内容及发布AI生成评论等操作。
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"xiaohongshu MCP": {
"args": [
"/绝对路径/到/xiaohongshu_mcp.py",
"--stdio"
],
"command": "/绝对路径/到/venv/bin/python3"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
本项目基于 JonaFly/RednoteMCP 并结合多次实战经验,进行全面优化和功能扩展(by windsurf)。在此向原作者的贡献表示由衷的感谢!
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'fastmcp' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities
## Summary While testing the *GitHubProvider* OAuth integration, which allows authentication to a FastMCP MCP server via a FastMCP OAuthProxy using GitHub OAuth, it was discovered that the FastMCP OAuthProxy does not properly validate the user's consent upon receiving the authorization code from GitHub. In combination with GitHub’s behavior of skipping the consent page for previously authorized clients, this introduces a Confused Deputy vulnerability. ## Technical Details An adversary can initi
FastMCP has a Command Injection vulnerability - Gemini CLI
Server names containing shell metacharacters (e.g., `&`) can cause command injection on Windows when passed to `fastmcp install claude-code` or `fastmcp install gemini-cli`. These install paths use `subprocess.run()` with a list argument, but on Windows the target CLIs often resolve to `.cmd` wrappers that are executed through `cmd.exe`, which interprets metacharacters in the flattened command string. PoC: ```python from fastmcp import FastMCP mcp = FastMCP(name="test&calc") @mcp.tool def rol
FastMCP OAuth Proxy token reuse across MCP servers
While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the `resource` parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the `base_url` passed to the `OAuthProxy` during initialization. **Affected File:** *https://github.com/jlowin/fastmcp/blob/main/src/fastmcp/server/auth/oauth_proxy.py#L828* **Affected Code:** ```python self._jwt_issuer:
FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name
### Summary A command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor ### Details 1. generate_cursor_deeplink(server_name, …) embeds server_name verbatim in a cursor://…?name= query string. 2. open_deeplink() is invoked with shell=True only on Windows. That calls cmd.exe /c start <deeplink>. 3. Any cmd metacharacter inside server_name (&, |, >, ^, …) escapes the start comma
FastMCP vulnerable to reflected XSS in client's callback page
### Summary While setting up an oauth client, it was noticed that the callback page hosted by the client during the flow embeds user-controlled content without escaping or sanitizing it. This leads to a reflected Cross-Site-Scripting vulnerability. ### Details The affected code is located in *https://github.com/jlowin/fastmcp/blob/main/src/fastmcp/client/oauth_callback.py*, which embeds all values passed to the `create_callback_html` function via the `message` parameter it into the callback pag
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in browser / marketing
Browser automation with Puppeteer for web scraping and testing
Self-hosted URL- and file-to-Markdown service for humans and AI agents - web pages, documents, images, audio, YouTube. PWA + REST + MCP + Claude Code skill, Reddit-aware, refreshable share links.
🔥 Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.
DataForSEO API modelcontextprotocol server
MCP Security Weekly
Get CVE alerts and security updates for Redbook Search Comment MCP2.0 and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
English | 中文
本项目基于 JonaFly/RednoteMCP 并结合多次实战经验,进行全面优化和功能扩展(by windsurf)。在此向原作者的贡献表示由衷的感谢!
这是一款基于 Playwright 开发的小红书自动搜索和评论工具,作为 MCP Server,可通过特定配置接入 MCP Client(如Claude for Desktop),帮助用户自动完成登录小红书、搜索关键词、获取笔记内容及发布AI生成评论等操作。
Python 环境准备:确保系统已安装 Python 3.8 或更高版本。若未安装,可从 Python 官方网站下载并安装。
项目获取:将本项目克隆或下载到本地。
创建虚拟环境:在项目目录下创建并激活虚拟环境(推荐):
# 创建虚拟环境
python3 -m venv venv
# 激活虚拟环境
# Windows
venv\Scripts\activate
# macOS/Linux
source venv/bin/activate
安装依赖:在激活的虚拟环境中安装所需依赖:
pip install -r requirements.txt
pip install fastmcp
安装浏览器:安装Playwright所需的浏览器:
playwright install
在 MCP Client(如Claude for Desktop)的配置文件中添加以下内容,将本工具配置为 MCP Server:
{
"mcpServers": {
"xiaohongshu MCP": {
"command": "/绝对路径/到/venv/bin/python3",
"args": [
"/绝对路径/到/xiaohongshu_mcp.py",
"--stdio"
]
}
}
}
{
"mcpServers": {
"xiaohongshu MCP": {
"command": "C:\\Users\\username\\Desktop\\MCP\\Redbook-Search-Comment-MCP2.0\\venv\\Scripts\\python.exe",
"args": [
"C:\\Users\\username\\Desktop\\MCP\\Redbook-Search-Comment-MCP2.0\\xiaohongshu_mcp.py",
"--stdio"
]
}
}
}
重要提示:
- 请使用虚拟环境中Python解释器的完整绝对路径
- Mac示例:
/Users/username/Desktop/RedBook-Search-Comment-MCP/venv/bin/python3- Windows示例:
C:\Users\username\Desktop\MCP\Redbook-Search-Comment-MCP2.0\venv\Scripts\python.exe- 同样,xiaohongshu_mcp.py也需要使用完整绝对路径
- Windows路径中的反斜杠在JSON中需要双重转义(使用
\)
不同系统环境中,Python 命令可能有所不同,这取决于您的系统配置。以下是如何确定您应该使用哪个命令:
确定您的 Python 命令:
python --version 和 python3 --version在虚拟环境中确认:
which python 或 where python(Windows)配置中使用正确的命令:
python3 或虚拟环境中的 pythonpython 或 python.exe在配置文件中,始终使用虚拟环境中 Python 解释器的完整绝对路径,而不是命令名称。
直接运行:在项目目录下,激活虚拟环境后执行:
python3 xiaohongshu_mcp.py
通过 MCP Client 启动:配置好MCP Client后,按照客户端的操作流程进行启动和连接。
在MCP Client(如Claude for Desktop)中连接到服务器后,可以使用以下功能:
工具函数:
mcp0_login()
在MCP客户端中的使用方式: 直接发送以下文本:
帮我登录小红书账号
或:
请登录小红书
功能说明:首次使用时会打开浏览器窗口,等待用户手动扫码登录。登录成功后,工具会保存登录状态。
工具函数:
mcp0_search_notes(keywords="关键词", limit=5)
在MCP客户端中的使用方式: 发送包含关键词的搜索请求:
帮我搜索小红书笔记,关键词为:美食
指定返回数量:
帮我搜索小红书笔记,关键词为旅游,返回10条结果
功能说明:根据关键词搜索小红书笔记,并返回指定数量的结果。默认返回5条结果。