cloudflare-images
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The script
scripts/check-versions.shusescurlto verify the availability of Cloudflare API endpoints. It uses environment variables for authentication and does not execute any remote payloads. - CREDENTIALS_UNSAFE (SAFE): No sensitive credentials, such as API tokens or account IDs, are hardcoded. The skill uses environment variables and provides clear instructions on how to securely provide these via Wrangler secrets.
- EXTERNAL_DOWNLOADS (SAFE): The project dependencies listed in
package.jsonare limited to standard, reputable development tools from the Cloudflare ecosystem (e.g.,wrangler,@cloudflare/workers-types). - DATA_EXFILTRATION (SAFE): Network communication is exclusively directed toward Cloudflare's official API and image delivery domains (
api.cloudflare.com,batch.imagedelivery.net,imagedelivery.net) for the intended purpose of the skill.
Audit Metadata