cloudflare-r2
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references and recommends standard, industry-standard libraries such as hono, aws4fetch, and the AWS SDK for S3. All sources are trustworthy.
- [COMMAND_EXECUTION] (SAFE): The documentation contains standard npm and wrangler CLI commands for environment setup and worker deployment.
- [DATA_EXPOSURE] (MEDIUM): The file templates/r2-presigned-urls.ts includes functional code to generate signed R2 URLs for both uploads and downloads. These endpoints are currently unprotected, containing only a placeholder comment for authentication. An unsuspecting developer might deploy these endpoints publicly, allowing unauthorized third parties to read from or write to the R2 bucket.
- [INDIRECT_PROMPT_INJECTION] (LOW): The provided worker scripts ingest untrusted data such as filenames and object keys directly from request parameters and JSON bodies. While typical for storage applications, this establishes a potential surface for indirect prompt injection if an AI agent processes these keys downstream without proper sanitization.
- [SAFE]: No obfuscation, persistence mechanisms, or hardcoded credentials were found. Secret management follows Cloudflare best practices using environment variables.
Audit Metadata