xhs-explosive-content-suite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (references/core_workflow.md and SKILL.md) mandates running scripts/fetch_xhs_trends.py which calls the external API https://onetotenvip.com/skill/cozeSkill/getXhsCozeSkillData to fetch Xiaohongshu user-generated notes and then reads the generated _爆款数据.md for analysis and title-generation, so untrusted third-party content is directly ingested and used to drive the agent's decisions.