xhs-breaking-rankings

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime workflow (references/api-spec.md and scripts/fetch_explosive_articles.py) fetches public Xiaohongshu user-generated posts from https://onetotenvip.com/story/cozeSkill/getXhsCozeSkillDataLowFans and core_workflow.md requires running that script and reading/outputting the generated ./xhs_breaking_rankings.md (which embeds titles/descriptions/links), so untrusted third‑party content is ingested and directly influences the agent's analysis and outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime script scripts/fetch_explosive_articles.py makes live HTTPS requests to the API https://onetotenvip.com/story/cozeSkill/getXhsCozeSkillDataLowFans to fetch JSON which is required to generate the ./xhs_breaking_rankings.md that the agent must "原样输出" (i.e., remote data is fetched at runtime and directly controls the content the agent is forced to output), so this external URL is a high-confidence runtime dependency that controls agent behavior.