xiaohongshu-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests publicly available, user-generated Xiaohongshu content (e.g., via search_notes and get_note_detail and parse_xhs_url) so the agent will read untrusted third-party posts and media from Xiaohongshu.