turnstile-spin
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- Secure Credential Management: The skill implements a robust flow for handling Cloudflare API tokens, supporting environment variables or restricted local files. It includes explicit instructions to avoid writing secrets to disk; they are passed to the wrangler CLI through secure communication channels such as stdin instead.
- Use of Trusted External Sources: The skill fetches its own updates and deployment templates from Cloudflare's official GitHub repository using the 'degit' tool. These downloads are performed from a trusted vendor source and are part of the intended installation process.
- Managed Infrastructure Deployment: The skill automates the deployment of a server-side validation Worker using the official Cloudflare 'wrangler' CLI. This follows the recommended security architecture for Turnstile by ensuring site verification is handled in a secure backend environment rather than in the client browser.
- Framework-Specific Security Snippets: The skill provides integration examples for popular frameworks (Next.js, Astro, SvelteKit, etc.) that demonstrate standard, secure implementation patterns. This includes gating existing form handlers behind successful verification results.