r2-storage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and reference files show the Worker reading and interpreting arbitrary user-provided and external S3/R2 objects (e.g., the "Multipart Form Upload Handler" and multiple examples using env.BUCKET.get() and object.text()/json(), plus the migration example in references/s3-compat.md that pulls from external S3), so the skill clearly ingests untrusted third-party/user-generated content as part of its workflow.