cloudflare
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill documentation includes commands that ingest local files into Cloudflare services, creating a vulnerability surface if the files contain malicious instructions.
  - Ingestion points: File-based commands like wrangler d1 execute --file, wrangler kv bulk put, wrangler r2 object put, and wrangler secret bulk (found in SKILL.md).
  - Boundary markers: None specified in the documentation to separate data from instructions.
  - Capability inventory: Management of workers, databases, and secrets via the wrangler CLI.
  - Sanitization: No input validation or sanitization of file contents is recommended.
Audit Metadata