cloudflare-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Browse the Web" section (Web Scraping Example and onRequest handler) explicitly fetches arbitrary URLs with Puppeteer and passes the scraped HTML into an AI extractor, meaning it ingests untrusted public web content (user-provided URLs) that the agent reads and interprets.