wrangler-coder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Worker examples explicitly read and act on arbitrary HTTP request bodies (request.json() in resources/worker-example.md) and retrieve R2 objects by URL-derived keys (resources/d1-r2.md), which are untrusted user-provided third-party content that the agent would parse and use at runtime.