cf-crawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to POST to Cloudflare's Browser Rendering /crawl API using a user-supplied target URL (Step 3) and to save the crawled pages' markdown locally (Step 6 / usage examples like --merge), which clearly ingests untrusted public website content that the agent will read and use as part of its workflow.