cloudflare-kv

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill exposes HTTP endpoints and templates (e.g., templates/kv-basic-operations.ts app.put('/kv/:key'), app.post('/kv/bulk/get'), templates/kv-list-pagination.ts /kv/export and multiple list/get endpoints) that accept and later read/return arbitrary user-provided data into Cloudflare KV, so the agent would ingest untrusted, user-generated content from KV as part of its workflow.