cloudflare-workers-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install standard development tools and type definitions (
wrangler,@cloudflare/workers-types) from the public npm registry. - [REMOTE_CODE_EXECUTION]: The provided GitHub Actions workflows utilize well-known and official actions including
actions/checkout@v4,actions/setup-node@v4, andcloudflare/wrangler-action@v3to manage the build and deployment environment. - [COMMAND_EXECUTION]: Contains instructions for executing deployment and secret management commands via the Wrangler CLI (
wrangler deploy,wrangler secret put), which are necessary for the skill's primary function of cloud deployment. - [DATA_EXFILTRATION]: Correct-use of GitHub Repository Secrets (
CLOUDFLARE_API_TOKEN,CLOUDFLARE_ACCOUNT_ID) is recommended for authentication, preventing the exposure of credentials in the source code or logs. - [PROMPT_INJECTION]: The
github-scriptworkflow inreferences/github-actions.mdingests the output from the deployment step (deployment-url) to post a PR comment. This is a common CI/CD pattern with a limited attack surface and is used here for its intended purpose of notifying developers of deployment status.
Audit Metadata