Thank you for contacting Cloudflare Support. Sorry about the bad automated answer.
Like a website, the assets that are put into the cache via the API, or by request, are only accessible by the account that put them there. To rephrase, I don’t have access to the assets that are put into the cache by your Workers, either by the API or by requesting them directly. So to answer your question directly:
If I put there a payload that should not be public, will other workers (from other accounts) will be able to access it?
No. Other Workers cannot access the assets that your Worker has put into the cache.
That being said, once it’s in the cache, it’s publicly available if your Worker is configured to run on a public route. I could have have access to the assets if your Worker was written in such a way that all I needed to do was go to the URL that your Worker runs on. In order to make sure that only you can access the assets that were put into the cache, you may have to either use Cloudflare Access to lock down your website to only yourself, use a Firewall Rule to restrict access to the URL that the Worker runs on, or a combination of both.
In the meantime, if you have further questions about this, please don’t hesitate to reach out.