claude-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and forwards arbitrary user-provided messages and publicly-accessible content (e.g., api-reference/content block "image.source.url", vision templates like templates/vision-image.ts, and the Next.js/Cloudflare worker endpoints that take messages from incoming requests) to Claude, meaning untrusted third-party content/URLs are ingested and interpreted by the agent.