workers-security
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions designed to override agent logic or bypass safety filters were detected. The content is strictly educational and defensive.
- CREDENTIALS_UNSAFE (SAFE): The skill utilizes generic placeholders for secrets and provides extensive documentation on how to properly use Cloudflare's secure secret storage (Wrangler secrets).
- DATA_EXFILTRATION (SAFE): No unauthorized data transmission or access to sensitive local files was found. All network and storage operations are consistent with the documented purpose of building secure APIs.
- EXTERNAL_DOWNLOADS (SAFE): The skill references standard development tools (Wrangler, Hono, Zod). While a security audit script is mentioned in documentation, it is not included in the skill payload; its described use is for legitimate security auditing and does not constitute a risk in this context.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill explicitly teaches how to mitigate indirect injection through rigorous input validation.
  - Ingestion points: Web request body via request.json() and headers (Authorization, Origin) processed in secure-worker.ts and SKILL.md.
  - Boundary markers: Heavy emphasis on schema validation using the Zod library to create strict boundaries for untrusted data.
  - Capability inventory: The code templates have capabilities to interact with Cloudflare KV storage and D1 databases.
  - Sanitization: Provides patterns for constant-time comparisons, security headers, and schema-based filtering.