cloudflare-queues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts and enqueues arbitrary external/user-provided payloads (e.g., templates/queues-producer.ts app.post('/webhooks/:service') and other endpoints that queue request bodies) and consumer code reads and acts on message.body—including fetching arbitrary URLs from message content (templates/queues-retry-with-delay.ts callExternalAPI using data.url)—so untrusted third‑party content is ingested and interpreted as part of the workflow.