google-gemini-embeddings

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and stores arbitrary user/third‑party documents (e.g., the POST /ingest handler in templates/rag-with-vectorize.ts and the query param / POST body in templates/embeddings-fetch.ts), returns that stored metadata from Cloudflare Vectorize, and injects those retrieved texts directly into LLM prompts via generateContent, so untrusted external content can be interpreted and influence prompts (risk of indirect prompt injection).