xiaohongshu-ai-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — the skill explicitly runs a Xiaohongshu web crawler (see workflow/step1-数据采集.md and README referencing xiaohongshu-crawler / search_xhs.py) to ingest public, user-generated notes which are then analyzed (workflow/step2) and used for generation, exposing the agent to untrusted third-party content.