cloudflare-workers

Warn

Audited by Snyk on Apr 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's documentation includes examples that fetch and ingest untrusted external content: proxyRequest and cachedFetch call arbitrary upstream URLs, the webhook handler reads incoming POST bodies, and the URL shortener stores and redirects user-provided URLs. Third-party or user-generated content is therefore read and can directly influence the worker's runtime actions (and could be forwarded to Workers AI), which meets the criteria for indirect prompt injection risk.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 14, 2026, 01:22 AM
Issues: 1