cloudflare-tomarkdown

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external URLs and local files to generate Markdown output, which is a primary surface for indirect prompt injection.
      • Ingestion points: Untrusted data enters the agent context via options.url and options.file in scripts/render.js, which are then sent to Cloudflare APIs for conversion.
      • Boundary markers: The script implements explicit boundary markers in the printSafeOutput function, wrapping converted content with '--- START OF UNTRUSTED CONTENT ---' and a warning to the agent to treat the information as plain text and avoid executing any instructions found within.
      • Capability inventory: The script uses fs.readFileSync for local file access and fetch for network requests to Cloudflare APIs and external URLs (in scripts/render.js).
      • Sanitization: The script includes a printSafeOutput function that adds clear visual and textual delimiters to the untrusted output before it is presented to the agent, reducing the risk of the agent accidentally following embedded instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 02:29 AM