claude-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and forwards arbitrary user-supplied messages and content blocks (including publicly accessible image URLs) to the Claude API — see references/api-reference.md ("url?: string // publicly accessible URL") and the Cloudflare/Next.js worker templates (templates/cloudflare-worker.ts and templates/nextjs-api-route.ts) that directly pass request.json messages to the model — meaning untrusted third-party content can be ingested and could influence tool use and subsequent agent actions.