cloudflare-workers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md includes concrete runtime examples that fetch and process arbitrary public URLs (e.g., the "Image Proxy" example that fetches the imageUrl query parameter and returns the fetched body, and HTMLRewriter/fetch examples that load and transform responses), meaning the skill routinely ingests untrusted third‑party web content which can influence runtime behavior.