cloudflare-queues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes ingesting arbitrary external content — e.g., references/http-publishing.md (accepting webhook/third‑party HTTP POSTs), references/pull-consumers.md (pulling messages from the public API), and references/r2-event-integration.md (fetching user-uploaded R2 objects) — which the agent is expected to read and act on, so untrusted third‑party data can directly influence processing and actions.