Skills
skills/starchild-ai-agent/official-skills/cloudflare-tunnel-publish/Gen Agent Trust Hub

cloudflare-tunnel-publish

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the cloudflared binary from Cloudflare's official GitHub repository (github.com/cloudflare/cloudflared). This is a trusted organization and a well-known service, making the download safe for the skill's intended purpose.
  • [COMMAND_EXECUTION]: The skill executes shell commands to download, configure, and run the Cloudflare tunnel client. It also uses curl to verify DNS and SSL status via Google's DNS-over-HTTPS service. These commands are necessary for the skill's core functionality.
  • [REMOTE_CODE_EXECUTION]: The automated scanner flagged commands involving curl piped to python3 as a remote code execution risk. However, manual review confirms that these commands (e.g., curl ... | python3 -m json.tool) use the standard Python library to format and display JSON data for human readability and do not execute external code.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 04:33 PM