xiaohongshu-lowtop
Warn
Audited by Snyk on Jun 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 运行时 LLM 上下文会包含从红狐Hub API 返回的外部笔记字段(如
title、desc、userName)被脚本原样拼接进 Markdown/HTML(fetch_explosive_articles.py生成full_output_text并print到 stdout,随后被 Agent 作为可读文本输出给用户/进入上下文);这些内容来自小红书第三方作者而非操作用户。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata