cloudflare

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs downloading and installing a remote executable at runtime from https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb (curl ... && dpkg -i), which fetches and executes remote code and is a required dependency for the tunnel functionality.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs running sudo commands (package install and "cloudflared service install"), writes/root-level config paths, and installs a system service and SSH-exposing tunnel—actions that modify system state and require elevated privileges.