cloudflare-queues
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The consumer templates in the
assets/directory ingest untrusted data from queue messages, representing an indirect prompt injection surface. * Ingestion points:batch.messagesin consumer scripts. * Boundary markers: Absent, as these are generic code templates. * Capability inventory: The templates demonstrate the use of D1 databases, KV namespaces, and external network requests viafetch. * Sanitization: Not implemented in templates; developers are expected to add validation for their specific data schemas. - Safe Credential Practices (SAFE): The templates correctly use environment variables (
process.env.RESEND_API_KEY,env.API_KEY) for authentication rather than hardcoding secrets.
Audit Metadata