cloudflare

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's references (see references/ai-search/README.md and references/ai-search/api.md) explicitly show use of env.AI.autorag(...).aiSearch and website/R2 indexing (Website crawler and R2 buckets) so the agent is expected to read and act on content crawled or stored from public websites or user-provided files, which are untrusted third‑party sources and can materially influence subsequent responses/actions.