cloudflare-workers
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection as it ingests untrusted data from external service logs and has capabilities to modify infrastructure. * Ingestion points: The 'wrangler tail' command streams external logs into the agent's context. * Boundary markers: None are specified to distinguish between logs and instructions. * Capability inventory: The skill can execute 'wrangler deploy', 'wrangler delete', and 'wrangler secret put'. * Sanitization: No sanitization of log output is performed.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill suggests installing the 'wrangler' package and 'create-cloudflare' utility from the npm registry. These are official, well-known tools from a reputable provider.
- [COMMAND_EXECUTION] (SAFE): The provided CLI commands are standard for managing Cloudflare resources and do not include high-risk flags, obfuscation, or privilege escalation attempts.
Audit Metadata