cloudflare-kv
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill documentation and templates adhere to official Cloudflare Workers KV guidelines. It provides actionable advice on avoiding rate limits and managing eventual consistency.
- [COMMAND_EXECUTION]: The skill refers to npx wrangler for managing KV namespaces and keys. This is the standard, official CLI tool for the Cloudflare platform and its use here is consistent with the skill's primary purpose.
- [PROMPT_INJECTION]: The skill provides code templates in templates/kv-basic-operations.ts and templates/kv-metadata-pattern.ts that ingest data from HTTP request components. While this is an ingestion surface for untrusted data, it is necessary for the storage functionality and does not contain instructions to subvert agent behavior.
- Ingestion points: Untrusted data enters via c.req.param, c.req.text, c.req.json, and c.req.header in Hono-based templates (templates/kv-basic-operations.ts, templates/kv-metadata-pattern.ts).
- Boundary markers: No specific delimiters or safety instructions are included in the data ingestion logic for LLM processing.
- Capability inventory: The templates interact with the KVNamespace binding (get, put, delete, list) and an optional D1Database binding across all template files.
- Sanitization: The templates include basic validation for TTL values and metadata size to comply with Cloudflare platform limits, though no specific prompt sanitization is present.
Audit Metadata