building-ai-agent-on-cloudflare

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to use official Cloudflare tools and repositories for project initialization and reference.
    • Evidence: Recommends `npm create cloudflare@latest` for project setup in SKILL.md.
    • Evidence: Links to trusted repositories under the cloudflare organization on GitHub, such as github.com/cloudflare/agents-starter and github.com/cloudflare/agents/tree/main/examples in references/examples.md.
  • [PROMPT_INJECTION]: The provided code templates define agents that process external user input, creating a surface for indirect prompt injection.
    • Ingestion points: the `onMessage` handler in SKILL.md and agent-patterns.md processes string data from WebSocket connections; `ingestDocument` in agent-patterns.md processes text for vectorization.
    • Boundary markers: None present in the basic templates to distinguish instructions from data.
    • Capability inventory: The templates include capabilities for SQLite database access (`this.sql`), network requests (`fetch`), task scheduling (`this.schedule`), and AI model execution (`env.AI.run`).
    • Sanitization: No explicit sanitization or validation of the ingested message or document text is performed before processing or interpolation into AI prompts.
  • [SAFE]: No obfuscation, hardcoded credentials, unauthorized persistence mechanisms, or malicious command executions were detected. The skill's functionality aligns with its stated purpose of providing Cloudflare Agent development guidelines.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 04:33 AM