cloudflare-r2-d1

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts and serves arbitrary user-generated content — e.g., the R2 PUT/GET handlers and the Full-Stack pattern that reads posts from D1 and images from env.BUCKET — so it clearly ingests untrusted third-party content that could contain indirect prompt injections.