runtime-google-cloud-functions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime explicitly accepts and parses arbitrary HTTP request content (event.body / event.json) and header-driven routing (x-bx-function), and the deploy example even shows --allow-unauthenticated, so untrusted third-party requests can be ingested and directly influence which handler/method runs and how the system behaves.