xhs-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill automates browsing and interacting with the public Xiaohongshu creator site (creator.xiaohongshu.com) and explicitly reads/acts on site-displayed user-generated content such as "活动话题" and post content (see "页面会显示当前平台的活动话题"), so untrusted third-party content could influence tool actions.