xiaohongshu-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly runs hosted collection jobs for public Xiaohongshu content (see scripts/run_xhs_actor.mjs -> runHostedCollection with collection keys like xhs-account-posts and xhs-search) and then normalizes and processes those user-generated posts/comments (e.g., scripts/normalize_xhs_dataset.mjs, scripts/cluster_xhs_comments.mjs), so it ingests untrusted third-party social-media content that can materially influence downstream ranking/clustering actions.