xiaohongshu-growth

Warn

Audited by Snyk on Apr 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly instructs the pipeline to call the brave-search skill under "选题与热点研究" (topic selection and trending-topic research) to fetch open web and social content (e.g., 小红书爆火文章 (viral Xiaohongshu articles), 竞品分析 (competitor analysis)). Agents ingest this content and use it to drive recommendations, content creation, and publishing decisions, so untrusted third-party content could indirectly inject instructions that change agent behavior.


Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 29, 2026, 12:45 PM
Issues: 1