cloudflare-r2
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill demonstrates how to retrieve content from external storage using the
getmethod inSKILL.mdandreferences/api.md. - Boundary markers: The provided implementation examples do not use delimiters or explicit instructions to treat the retrieved content as untrusted data.
- Capability inventory: The skill provides comprehensive capabilities to write (
put), delete (delete), and manage bucket configurations (CORS, lifecycle policies) across all reference scripts. - Sanitization: There is no evidence of sanitization or validation of the retrieved data before it is processed by the agent.
Audit Metadata