claude-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill clearly ingests untrusted user-generated content — e.g., templates/cloudflare-worker.ts and templates/nextjs-api-route.ts accept arbitrary "messages" from request bodies (and the API/content blocks also allow image sources as public "url"), which the agent will read and interpret as part of its workflow, exposing it to indirect prompt injection.