building-ai-agent-on-cloudflare

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples show the agent fetching and using external data—e.g., fetch(https://api.weather.com/${city}) in ToolAgent, connecting to external MCP servers via addMcpServer(..., "https://.../sse"), and ingesting arbitrary documents into the vector store for RAG—which are untrusted/third-party sources that the agent reads and incorporates into its responses.