cloudflare-workers

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly shows runtime behavior that fetches and forwards untrusted third-party content — e.g., "references/advanced-features.md" (Workers for Platforms: dynamic dispatch and uploadUserWorker that uploads customer-provided code, and examples using fetch/page.goto/HTMLRewriter that fetch arbitrary external URLs) — which the Worker is expected to read and execute or route to, enabling indirect prompt injection via user-supplied web content or uploaded worker code.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 7, 2026, 02:21 AM