Cloudflare
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlcommands to send JSON payloads tohttp://localhost:8888/notify. This is a documented 'Voice Notification' feature intended to provide status updates to the user's local environment during workflow execution. - [EXTERNAL_DOWNLOADS]: The skill references and downloads tools and configurations from trusted sources, including Cloudflare's official documentation and MCP servers (
https://mcp.cloudflare.com/mcp). These operations are consistent with the skill's primary purpose. - [CREDENTIALS_UNSAFE]: The skill proactively mitigates credential exposure by instructing the agent to run
unset CF_API_TOKEN && unset CLOUDFLARE_API_TOKENbefore deployments. This ensures that potentially sensitive environment tokens do not interfere with the preferred OAuth-based authentication flow. - [COMMAND_EXECUTION]: The skill utilizes
wranglerandbunxfor deployment tasks. These are standard CLI tools for the Cloudflare ecosystem and their use is restricted to the intended deployment workflows.
Audit Metadata