Skills
skills/secondsky/claude-skills/cloudflare-workers-dev-experience/Gen Agent Trust Hub

cloudflare-workers-dev-experience

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts/dev-setup.sh script fetches the Bun runtime installation script from https://bun.sh/install. This is the official and standard installation method provided by the Bun project for Unix-like environments.
  • [REMOTE_CODE_EXECUTION]: The initialization script uses a piped-to-shell command (curl | bash) to install the Bun runtime. This execution is confined to the initial setup of the developer's local environment and is explicitly documented as a requirement for project initialization.
  • [SAFE]: No malicious patterns such as credential harvesting, persistence mechanisms, or obfuscation were detected. The skill demonstrates security best practices by recommending the use of .dev.vars for local secrets and explicitly instructing users to exclude these files from version control via .gitignore.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 02:14 PM
Security Audit — agent-trust-hub — cloudflare-workers-dev-experience