cloudflare-vectorize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and ingests arbitrary public web pages via the POST /ingest/url handler in templates/document-ingestion.ts (it calls fetch(body.url) and then extracts/chunks the text for embedding and indexing), meaning untrusted third‑party content is retrieved and directly read/interpreted by the agent and could carry indirect prompt-injection content.