cloudflare
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface (Category 8). 1. Ingestion points: The skill ingests untrusted data from Cloudflare API responses (e.g., DNS record content) and user-supplied CLI arguments. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used in the provided markdown. 3. Capability inventory: The skill has high-privilege capabilities including modifying DNS records, purging caches, and controlling Worker routes. 4. Sanitization: No evidence of sanitization is present in the skill's manifest or dependency list.
- [COMMAND_EXECUTION] (SAFE): The skill utilizes
uv runto execute a local Python script, which is a standard execution pattern for this type of agent extension. - [EXTERNAL_DOWNLOADS] (SAFE): The skill requires the
requestspackage, which is a well-known and trusted library for HTTP operations.
Audit Metadata