The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing untrusted data via event.payload and external webhook responses (e.g., in templates/basic-workflow.ts and templates/workflow-with-events.ts). This data is subsequently utilized in downstream operations such as fetch() calls and database queries. * Ingestion points: event.payload in BasicWorkflow.run and webhook data in ApprovalWorkflow.run. * Boundary markers: Not utilized in the templates. * Capability inventory: Extensive use of fetch() for network operations and env.DB for data persistence across template files. * Sanitization: No explicit sanitization or validation logic is implemented in the example templates.
[DATA_EXFILTRATION]: Template files contain fetch() operations targeting external placeholder domains like api.example.com and processor.example.com. While these represent communication with non-whitelisted domains, they are used as examples for external service integration and do not involve access to sensitive local files, credentials, or system environment variables.
[EXTERNAL_DOWNLOADS]: The skill documentation references the installation of development dependencies including wrangler, @cloudflare/workers-types, and vitest. These packages are official components of the Cloudflare Workers ecosystem and originate from a trusted organization, making them safe for their intended use in building and testing workflows.

cloudflare-workflows