cloudflare-dns
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard CLI tools including
curl,jq,dig,kubectl, andaz. These commands are used for their intended purposes: interacting with the Cloudflare API, querying DNS records, and managing Kubernetes resources. No unauthorized or suspicious command patterns were detected. - [EXTERNAL_DOWNLOADS]: The skill performs network operations to
api.cloudflare.comand references official documentation from trusted sources such askubernetes-sigsandletsencrypt.org. These interactions target well-known technology services and do not involve the execution of untrusted remote code. - [CREDENTIALS_UNSAFE]: The skill demonstrates safe credential handling by instructing users to avoid Global API Keys in favor of scoped API tokens. It provides specific guidance on rotating tokens and utilizing secure secret management solutions like Azure Key Vault and Kubernetes Secrets. No hardcoded credentials or sensitive files are exposed; all sensitive values use clear placeholders like
your-api-token. - [SAFE]: The included shell script
scripts/cloudflare-dns.shis a functional utility for API interactions. It follows shell scripting best practices, including robust error handling (set -euo pipefail), and contains no obfuscated code or hidden logic.
Audit Metadata