cloudflare-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes runtime code that fetches and proxies external HTTP responses (e.g., fetch(request) and fetch('https://api.example.com/users') in caching/edge/geo-routing examples) and a WebSocket ChatRoom that accepts and broadcasts client messages (handleSession), meaning it clearly ingests untrusted, user-generated third-party content as part of its workflow.