nuxt-production

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill defines server routes that accept and serve arbitrary user-provided/untrusted content—e.g., server/api/upload.post.ts and server/api/files/[key].get.ts (R2 uploads/reads) and server/api/cache/[key].put.ts / server/api/cache/[key].get.ts (KV) — so an agent that reads or processes those endpoints would be exposed to untrusted third‑party content that could enable indirect prompt injection.