xiaohongshu-similar-account

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). 运行时通过 query_similar_accounts() 调用红狐 API 获取的 sameLevelAccounts/highLevelAccounts 字段（如 nickname/url/works 等）会被拼接进对话输出与生成的 HTML；这些内容属于外部第三方数据源（非操作用户自写），存在间接提示注入风险。

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

• Hidden Unicode characters detected (1 type(s) found)