openai-cloudflare-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill does not contain instructions that attempt to override agent behavior or bypass safety filters. It consists primarily of technical documentation and deployment checklists.
- Data Exposure & Exfiltration (SAFE): All credentials found in the skill (e.g., in references/turnstile/README.md or references/email-routing/configuration.md) are explicitly documented as placeholders or testing keys. There are no attempts to access sensitive system files or exfiltrate environment data.
- Unverifiable Dependencies (SAFE): The skill references established packages and tools from the official Cloudflare ecosystem (e.g., wrangler, cloudflare SDK). External resources like esm.sh or github.com/cloudflare are trusted sources for development libraries and schemas.
- Indirect Prompt Injection (LOW): As a documentation-heavy skill that enables the agent to read and write files, it technically possesses a surface for indirect prompt injection if it were to process untrusted user data. However, it includes best practice guidance for users to sanitize inputs and use prepared statements (e.g., in references/d1/api.md).
- Dynamic Execution (SAFE): While the skill documents APIs like sandbox.exec() or eval(), it does so in the context of Cloudflare's sandboxed runtime environments (Workers/Sandbox SDK), which is intended behavior for the described services.
Audit Metadata