workers-frameworks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SQL Injection Prevention (SAFE): All provided database query examples (Hono and Astro) use the .bind() method for parameterization, which effectively prevents SQL injection vulnerabilities when interacting with Cloudflare D1 databases.
- Input Validation (SAFE): The Hono application template includes @hono/zod-validator to enforce strict schema validation for all incoming requests, reducing the risk of processing malicious or malformed data.
- Security Headers (SAFE): The Hono template pre-configures the secureHeaders middleware, which sets essential HTTP security headers like X-Content-Type-Options and Content-Security-Policy.
- Safe Error Management (SAFE): Error handling logic in the Hono template is environment-aware, ensuring that detailed stack traces are only shown in development and generic error messages are used in production to prevent information disclosure.
- Best Practices (SAFE): The skill provides guidance on least-privilege binding and secure CORS configuration, recommending restricted origin lists for production environments.