cloudflare-python-workers
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill templates ingest external data through HTTP request bodies and workflow payloads. While this creates a surface for indirect prompt injection or server-side request forgery (SSRF), particularly in the workflow example that fetches a user-provided URL, this is a standard capability for web workers and does not constitute a malicious finding in this context.
- Evidence Chain (Category 8):
- Ingestion points:
templates/src/entry.py(request.json()) andtemplates/workflow-example.py(event.get("payload")). - Boundary markers: None present in the provided templates; users are expected to implement their own validation logic.
- Capability inventory: The templates demonstrate network requests (fetch), database access (D1), and key-value storage (KV).
- Sanitization: Not implemented in the templates; the code focuses on demonstrating platform-specific functionality.
- External Downloads (SAFE): The skill references standard development tools such as
wrangler,workers-py, anduv. These are well-known, official packages for the Cloudflare ecosystem. All documentation links point to official Cloudflare or Pyodide domains.
Audit Metadata