cloudflare-kv
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): Automated security scans (URLite) identified a malicious phishing URL (keys.ma) associated with this skill. Phishing domains are used to harvest credentials or sensitive user information through deceptive redirects.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill depends on cloudflare-worker-base, which is an unverifiable third-party package. It is sourced from an untrusted repository (jezweb/claude-skills) that does not meet the Trusted External Sources criteria.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8).
  - Ingestion points: Processes untrusted data from KV storage and HTTP request bodies (e.g., getWithMetadata, req.text()) as described in README.md.
  - Boundary markers: No delimiters or isolation instructions are present to separate untrusted KV data from the agent's logic.
  - Capability inventory: The skill possesses extensive capabilities including reading, writing, and deleting data across the global Cloudflare edge network.
  - Sanitization: The provided operational examples lack any input validation, escaping, or filtering of data retrieved from external storage.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata