cloudflare-worker-dev
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access commands were detected in the skill files.
- [CREDENTIALS_UNSAFE]: The skill demonstrates secure development practices by explicitly advising against storing secrets in configuration files and recommending the use of encrypted secret management tools.
- [INDIRECT_PROMPT_INJECTION]: The skill provides templates for processing external web requests. While this creates an ingestion point for untrusted data, the skill includes standard routing and error handling logic.
- Ingestion points:
src/index.tsprocessesRequestobjects containing headers, URLs, and bodies. - Boundary markers: None present in the code snippets.
- Capability inventory: Includes network requests via
fetchand database operations viaKVandDurable Objects. - Sanitization: Demonstrates basic JSON parsing and response formatting but does not include explicit security-focused sanitization of user input.
Audit Metadata