cloudflare-traffic-investigator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill issues cloudflare-mcp-cli GraphQL/REST queries (see steps/step-04-identify-ja4.md, step-05-analyze-traffic.md, and references/cloudflare-api-cli.md) that ingest firewallEvents, userAgent strings, request paths and query parameters from Cloudflare (untrusted, user-generated traffic) and the workflow explicitly requires the agent to read and act on those values to decide legitimacy and escalation, so third-party content can materially influence agent decisions.