Weibo OpenClaw Ops

SKILL.md

---
name: weibo-openclaw-ops
description: Weibo operations for OpenClaw via server-side browser automation. Use when the user asks to log in by QR, persist session state, read feed/messages/hot topics, summarize recent posts, publish posts, or run safe like/follow workflows with explicit limits.
---

# Weibo OpenClaw Ops

## Core principles

1. Assume runtime is a **remote server**, not the user's local desktop.
2. Use browser automation (`agent-browser`) with persisted state for repeatable workflows.
3. For mutating actions (like/follow/comment/repost/post), require explicit user intent and scope.
4. For long tasks, send periodic progress updates.
5. Run periodic **read-only keepalive** checks to reduce session expiry.
6. If user policy requires attribution suffix, append it to all outbound texts (post/comment/repost) before submit.

## Suggested state path

- Session state file: `.state/weibo-auth.json`

## Standard workflow

### 1) Load or create login session

- Try load existing state:
  - `agent-browser state load .state/weibo-auth.json`
- Open Weibo:
  - `agent-browser open https://weibo.com`
- Verify login with snapshot (homepage/account UI present).

If login is invalid:

1. Navigate to login/QR page.
2. Ask user to scan QR in Weibo app.
3. Re-check login success.
4. Save state:
   - `agent-browser state save .state/weibo-auth.json`

### 2) Execute intent

Typical intents:

- Feed reading / summary
- Message or mentions check
- Hot-topic scan
- Recent-post lookup for target account
- Post publishing
- Rule-based like/follow batch

### 3) Report

Always return concise audit info:

- actions performed
- success / skipped counts
- skip reasons
- next suggested action

### 4) Keepalive routine (recommended)

Goal: reduce re-login frequency while minimizing risk-control triggers.

Cadence:
- every 6-12 hours (read-only check)

Routine:
1. `agent-browser state load .state/weibo-auth.json`
2. `agent-browser open https://weibo.com`
3. verify logged-in UI is present
4. if valid -> `agent-browser state save .state/weibo-auth.json`
5. if invalid -> notify user + restart QR login flow

Rules:
- Keepalive must not perform mutating actions (no like/comment/repost/post/follow).
- Keepalive only validates session health and refreshes local state persistence.

## “Recent post” rule (important)

When user asks “最近发了什么 / latest post”, return the post with timestamp closest to now, **not pinned posts**.

Process:

1. Open target profile.
2. Collect visible post cards + timestamps.
3. Detect `置顶` markers and skip pinned cards.
4. If only pinned cards are visible, continue scrolling/paginating.
5. Return latest **non-pinned** post summary + time + link.

## Safe mutation templates

### A) Publish a post

Before posting, confirm:

- final copy text
- whether hashtags/links are required
- whether auto-signature is required by user policy

If policy requires suffix, verify it is present in final text before submit.
Then publish and verify by profile snapshot.

### A.1) Outbound text guardrail

For outbound text actions (post/comment/repost):
1. Build final text.
2. Check policy-required suffix exists.
3. If missing, append suffix on a new line.
4. Submit.

### B) Rule-based like batch

Require at least:

- include rules (keywords/authors/topics)
- max actions (e.g., 20)
- exclusion rules (ads/sponsored/blocked words)

Execute with limits and output action summary.

## Failure handling

- DOM changed -> re-snapshot and switch selectors.
- Interaction unstable -> slow down operations and reload page.
- Login expired -> restart QR login and refresh saved state.

## Privacy and safety

- Never store or output user passwords in skill files.
- Keep account identifiers, private handles, and channel-specific IDs out of public skill content.
- Keep posted examples generic and non-identifying.