cloudflare
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The
scripts/directory containingdeploy-cloudflare.js, which is described as the primary way to use the skill inSKILL.md, is missing from the file set. - [CREDENTIALS_UNSAFE]: A hardcoded public key (
TEST_PEM) is present in the unit test fileworker/src/__tests__/crypto-jwt.test.ts. This is documented as being for testing purposes only. - [PROMPT_INJECTION]: The skill provides an AI chat proxy endpoint in
worker/src/index.tsthat forwards requests to OpenRouter. This presents a potential surface for indirect prompt injection. - Ingestion points: The request body is consumed directly from
c.req.json()inworker/src/index.ts. - Boundary markers: No specific boundary markers or 'ignore' instructions are added to the proxied payload.
- Capability inventory: The worker can make network requests to
openrouter.aiusing a configured API key. - Sanitization: No content filtering is applied to the incoming data before it is sent to the AI provider.
- [EXTERNAL_DOWNLOADS]: The worker interacts with the OpenRouter API service to provide AI functionality.
Audit Metadata