cloudflare

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's references explicitly show runtime ingestion of untrusted third-party content—e.g., browser-rendering/api.md (page.goto(url), /scrape, /markdown endpoints) and ai-search/configuration.md (AI Search indexing a Website data source) and agents-sdk/patterns.md (onEmail handling arbitrary incoming emails then calling env.AI.run to summarize) — all of which make the agent read and act on public/user-generated content that can influence subsequent AI/tool actions.