workers-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill performs runtime downloads of the @cloudflare/workers-types package from the npm registry using npm pack. Although the package is not from an organization on the explicit trusted list, this operation is essential for the skill's primary function of providing up-to-date type definitions for Cloudflare Workers.
- [COMMAND_EXECUTION] (LOW): The skill executes shell commands including tar for package extraction and npx to run tools like wrangler and tsc. These commands are used to validate configuration and code against the Workers platform standards.
- [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface (Category 8) by fetching external documentation from developers.cloudflare.com.
  - Ingestion points: SKILL.md (Retrieval Sources) and references/review.md.
  - Boundary markers: Absent.
  - Capability inventory: npm pack, tar, npx wrangler, npx tsc.
  - Sanitization: Absent.
Audit Metadata