cloudflare-workers-frameworks
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for installing official framework packages and Cloudflare adapters using standard package managers. These are established libraries from well-known technology organizations and service providers.
- [INDIRECT_PROMPT_INJECTION]: Several templates include logic for processing untrusted data from web forms and API requests, establishing a data ingestion surface.
- Ingestion points: External data is processed in files like
templates/astro-page.astro,templates/hono-app.ts, andtemplates/remix-loader.tsxvia standard request objects. - Boundary markers: The templates use standard HTTP delimiters and implement parameterized SQL for database interactions to prevent common injection attacks.
- Capability inventory: The code snippets demonstrate operations involving Cloudflare D1 (SQL), KV (storage), and R2 (objects).
- Sanitization: Input validation is explicitly demonstrated in multiple examples, such as the use of Zod in the Hono and Qwik templates and manual validation logic in the Remix and Astro examples.
Audit Metadata