cloudflare-workers-runtime-apis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation and templates explicitly fetch and proxy external URLs (e.g., SKILL.md and references/fetch-api.md show fetch('https://api.example.com/...') and templates/fetch-patterns.ts includes proxyRequest/fetchParallel) and the websocket Durable Object templates (templates/websocket-handler.ts and references/websockets.md) ingest and act on arbitrary client messages—untrusted third-party content that the agent reads and uses to determine behavior—so it clearly exposes the agent to indirect prompt injection risk.