xiaohongshu-write

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). RUNTIME path: the required workflow calls scripts/fetch_xhs_hot_articles.py, which POSTs to https://redfox.hk/.../xhs/search/search and returns outsider-authored Xiaohongshu note fields (title, desc, author info, etc.) that are then fed into the agent’s LLM context for “爆款规律分析/参考笔记来源”.