cf-edge
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the user to install
wranglervianpmandcloudflaredviabrew. While these are legitimate tools for the task, they are external dependencies installed at a global level. - [COMMAND_EXECUTION] (LOW): The skill is centered around executing shell commands to manage cloud infrastructure. The included
scripts/check-usage.shscript automates the listing of deployments, databases, and buckets, which requires an authenticated environment. - [Indirect Prompt Injection] (LOW): The skill possesses a vulnerability surface for indirect prompt injection as it processes user-provided inputs into shell commands.
- Ingestion points: User-provided project names, database names, and file paths in
SKILL.mdandcheck-usage.sh. - Boundary markers: Absent.
- Capability inventory: Subprocess calls to
wranglerandcloudflaredare present throughout the skill. - Sanitization: Absent; the skill relies on the user to provide valid names.
- [DATA_EXFILTRATION] (SAFE): No unauthorized data transmission patterns were found. The skill interacts with Cloudflare's official endpoints as expected for its stated purpose.
- [PROMPT_INJECTION] (SAFE): The instructions are clear and do not contain patterns designed to bypass AI safety filters or hijack the agent's behavior.
Audit Metadata