Cloudflare

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl commands to send JSON payloads to http://localhost:8888/notify. This is a documented 'Voice Notification' feature intended to provide status updates to the user's local environment during workflow execution.
  • [EXTERNAL_DOWNLOADS]: The skill references and downloads tools and configurations from trusted sources, including Cloudflare's official documentation and MCP servers (https://mcp.cloudflare.com/mcp). These operations are consistent with the skill's primary purpose.
  • [CREDENTIALS_UNSAFE]: The skill proactively mitigates credential exposure by instructing the agent to run unset CF_API_TOKEN && unset CLOUDFLARE_API_TOKEN before deployments. This ensures that potentially sensitive environment tokens do not interfere with the preferred OAuth-based authentication flow.
  • [COMMAND_EXECUTION]: The skill utilizes wrangler and bunx for deployment tasks. These are standard CLI tools for the Cloudflare ecosystem and their use is restricted to the intended deployment workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — Cloudflare