cloudflare-one
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- Retrieval-First Architecture: The skill emphasizes using official Cloudflare documentation and API schemas for real-time information. This practice ensures configuration accuracy and reduces the risk of relying on outdated or potentially misleading static data.
- Operational Guardrails: Detailed instructions are provided for staging changes, implementing rollbacks, and using pilot groups. These measures help prevent broad production impacts from configuration errors.
- Identity and Access Security: The guidance includes clear distinctions between Access and Gateway policies, emphasizing the importance of identity-aware controls and Zero Trust principles. It also highlights the case-sensitivity and staleness risks associated with identity provider syncs.
- Encouragement of Best Practices: The skill provides validation prompts and specific technical advice for complex features like TLS inspection, DLP, and Split Tunneling, encouraging users to verify connectivity and policy enforcement at every step.
- Secure Secret Handling: It correctly identifies that certain credentials (like IPsec PSKs) are returned once and must be managed immediately, which aligns with standard security procedures for handling sensitive material.
Audit Metadata