wrangler
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides an extensive reference for the 'wrangler' CLI, enabling the agent to assist in deploying code, managing databases (D1), and configuring storage (KV, R2). These commands are consistent with the skill's primary purpose.
- [EXTERNAL_DOWNLOADS]: Includes instructions for installing the 'wrangler' package and related developer tools from the npm registry. These are official and well-known tools from Cloudflare.
- [CREDENTIALS_UNSAFE]: The skill correctly demonstrates using '.dev.vars' and 'wrangler secret' for sensitive data management, explicitly advising against committing secrets to configuration files.
- [PROMPT_INJECTION]: Accessing external logs ('wrangler tail') and database content presents a surface for indirect prompt injection. However, this risk is inherent to resource management tools and no malicious exploitation patterns were observed. Ingestion points: 'wrangler tail', 'wrangler d1 execute', 'wrangler kv key get' (SKILL.md). Boundary markers: None. Capability inventory: 'wrangler' CLI command execution (SKILL.md). Sanitization: None.
Audit Metadata