building-ai-agent-on-cloudflare

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Flags reviewed: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation guides users to bootstrap new projects using the official create-cloudflare tool, which fetches templates from the Cloudflare GitHub organization (github.com/cloudflare/agents-starter). This is a legitimate and trusted source for project initialization.
  • [COMMAND_EXECUTION]: The skill includes standard commands for installing the Cloudflare wrangler CLI and deploying Workers (npx wrangler deploy). These commands are necessary for the development and deployment of agents on the Cloudflare platform.
  • [DATA_EXFILTRATION]: The code samples demonstrate how agents can interact with external services via tool-calling and MCP (Model Context Protocol) connections. These interactions are documented for legitimate purposes, such as fetching weather data or connecting to external databases, and do not show signs of unauthorized data harvesting.
  • [PROMPT_INJECTION]: The skill provides examples of agents that process user-generated messages from WebSockets. These messages are interpolated into the conversation history passed to the AI model. While this is standard for chat-based agents, it constitutes an indirect prompt injection surface where external input could influence the model's behavior. Developers are encouraged to use system instructions and boundary markers to manage how the AI interprets these inputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 04:43 PM