xiaohongshu-dailytop
Warn
Audited by Snyk on Jun 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 运行时会调用红狐 API 获取小红书“爆款笔记”数据,并将返回的外部作者/笔记标题与描述等字段(如
title,userName,desc)清洗后直接拼入 LLM 输出的 Markdown 表格与分析文本;这些文本来源于第三方平台内容而非操作用户。
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata