deploy-verify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Step 4 "Run Verification" explicitly instructs the agent to fetch and inspect responses from deployed worker URLs (e.g., curl https:/// and check bodies/headers), which are arbitrary external HTTP endpoints with user-controlled/untrusted content that the agent reads and uses to decide pass/fail.