xiaohongshu-account-recommender

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md and scripts/xiaohongshu_account_recommender.py) makes a POST to the external API https://onetotenvip.com/story/xhsUser/querySimilarAccounts and ingests user-generated Xiaohongshu account data (titles, descriptions, works) which the agent must parse and read (including displaying the generated HTML), so untrusted third-party content can directly influence recommendations and outputs.