cloudflare-browser-rendering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows workers and REST endpoints that navigate to arbitrary public URLs (e.g., page.goto("https://news.ycombinator.com"), REST API url parameter, and the "AI-Powered Web Scraper" example that passes rendered page HTML into Workers AI), meaning the agent will ingest untrusted, user-generated web content that can influence subsequent AI/tool actions.