xhs-explosive-content-detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow and main script (references/core_workflow.md and scripts/fetch_xhs_trends.py) explicitly fetch user-generated Xiaohongshu content via an external API (https://onetotenvip.com/skill/cozeSkill/getXhsCozeSkillData) and the agent is instructed to read, rank, and generate recommendation reasons from those results, so untrusted third-party content can materially influence its decisions and tool use.