cloudflare-deploy
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of 313 files across the skill's reference library found no malicious code, obfuscation, or unauthorized access patterns.
- [EXTERNAL_DOWNLOADS]: Dependencies and remote script references identified in the documentation belong to trusted organizations (e.g., Cloudflare, Vercel) or well-known development services (e.g., AWS, GitHub, Coder). These include standard analytics beacons, Turnstile CAPTCHA scripts, and official SDKs.
- [CREDENTIALS_UNSAFE]: The skill includes extensive documentation on the Cloudflare Secrets Store and consistently instructs users to manage sensitive data using environment variables and secure bindings rather than hardcoding credentials.
- [COMMAND_EXECUTION]: The skill provides numerous CLI command examples for tools like Wrangler and cloudflared, all of which are documented for legitimate administrative and deployment purposes.
- [PROMPT_INJECTION]: Scrutiny of the instructional content revealed no attempts to override agent behavior or bypass security protocols.
- [REMOTE_CODE_EXECUTION]: While the skill documents tools for executing code (such as the Sandbox SDK and Browser Rendering), these features are presented as intended functionalities for developer environments and browser automation tasks.
Audit Metadata