cloudflare-pages

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary build commands specified by the user (e.g., 'hugo --minify', 'npm run build'). This creates a potential vector for command injection if an attacker can influence the command string provided to the deployment scripts. Evidence is found in the 'Quick Deploy' and 'Full Setup Workflow' sections of 'SKILL.md' and the 'scripts/setup-pages-project.sh' file.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection because it processes untrusted user input (project names, build commands, custom domains) without sanitization.
      1. Ingestion points: Command-line arguments in 'setup-pages-project.sh', 'add-custom-domain.sh', and 'verify-deployment.sh'.
      2. Boundary markers: Absent in all provided scripts; input is used directly.
      3. Capability inventory: The skill utilizes 'curl' for network operations to Cloudflare's API and the 'wrangler' CLI for project management and deployment.
      4. Sanitization: Input variables are interpolated directly into shell commands and JSON request bodies without validation or escaping beyond basic shell quoting.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 10:45 AM