cloudflare-pages

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows Pages Functions that ingest and act on arbitrary external request data (e.g., functions/api/users.ts calling await context.request.json() to create DB entries and functions/api/files.ts using context.params to fetch R2 objects), which clearly consumes untrusted user-generated content from public requests and can materially influence behavior.