bot-protection
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and provides instructions for integrating Cloudflare Turnstile. It recommends loading the Turnstile API from 'https://challenges.cloudflare.com/turnstile/v0/api.js' and performing server-side verification via 'https://challenges.cloudflare.com/turnstile/v0/siteverify'. These are official, trusted endpoints from Cloudflare.
- [EXTERNAL_DOWNLOADS]: The skill utilizes official packages for edge-layer rate limiting, specifically '@upstash/ratelimit' and '@upstash/redis'. Upstash is a recognized and well-known service provider.
- [SAFE]: Instructions for handling sensitive data, such as API secret keys, correctly advise using environment variables (e.g., 'process.env.TURNSTILE_SECRET_KEY') rather than hardcoding credentials.
- [SAFE]: No patterns of prompt injection, obfuscation, or persistence mechanisms were found. The skill maintains a consistent focus on its stated security purpose.
Audit Metadata