Skills
skills/aaaaqwq/claude-code-skills/xiaohongshu-publish/Snyk

xiaohongshu-publish

Warn

Audited by Snyk on Mar 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly requires opening and interacting with the public Xiaohongshu creator site (https://creator.xiaohongshu.com/publish/...), and instructs the agent to read page elements and "adjust" if they change, so the agent consumes untrusted third‑party web content that can influence its navigation and actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 17, 2026, 01:18 AM
Issues
1