xiaohongshu-recruiter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) and scripts/publish_xiaohongshu.py explicitly navigate to and read/interact with the public Xiaohongshu creator site (https://creator.xiaohongshu.com/…), using page content, locators, and page.title()/page.content() to detect login state, form fields, and to decide/fill/click "Publish", which means it ingests untrusted, user-generated web content that can materially influence automated actions.