cloudflare-workers-ai

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The provided templates ingest untrusted data (user prompts) and pass it to AI models without explicit sanitization or boundary markers. This is a common pattern in AI integrations, but it leaves a surface for indirect prompt injection.
    • Ingestion points: templates/ai-gateway-integration.ts and templates/ai-image-generation.ts (the prompt is read from c.req.json()).
    • Boundary markers: absent; user input is interpolated directly into the model message objects.
    • Capability inventory: env.AI.run (inference) and env.BUCKET.put (storage in Cloudflare R2).
    • Sanitization: none explicitly shown in the code examples.
  • [Data Exposure] (SAFE): The skill demonstrates writing generated image data to Cloudflare R2 buckets. This behavior is consistent with the primary purpose of image generation and storage and does not involve accessing sensitive system files or environment variables.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:42 PM