cloudflare-workers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and required runtime examples explicitly fetch and process arbitrary external URLs (e.g., the "Image Proxy" example that does await fetch(imageUrl) from a query parameter and the HTMLRewriter examples that call fetch(request) and transform upstream page content), meaning it ingests untrusted third-party web content that could influence processing.