Skill v1.1.0
ClawScan security
Cloudflare Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 16, 2026, 6:54 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files, requirements, and runtime instructions are largely consistent with a Cloudflare management utility, but it performs privileged system changes (sudo to edit /etc/cloudflared and restart services) and references a sudoers example that is not included — review before use.
- Guidance: This skill appears to do what it says (manage Cloudflare DNS and cloudflared ingress) and installs only Python dependencies into a local virtualenv, but it will attempt privileged operations on the host: editing /etc/cloudflared/config.yml and restarting the cloudflared systemd service via sudo. Before installing or running:
  1) Verify CLOUDFLARE_API_TOKEN is scoped to the minimum necessary permissions and intended zone.
  2) Inspect scripts/cf_manager.py yourself and run commands with --dry-run to preview changes.
  3) Confirm cloudflared is installed and CONFIG_PATH (/etc/cloudflared/config.yml) is correct for your system.
  4) Because the tool uses sudo, create a restricted sudoers rule (the docs reference a sudoers.example, but that file is not included) limiting the allowed commands (e.g., tee /etc/cloudflared/config.yml and systemctl restart cloudflared).
  5) Run the install script in a safe environment to create the venv and review packages installed.
  If you need tighter assurance, request the missing sudoers.example and explicit Zero Trust policy management details from the author.
Review Dimensions
- Purpose & Capability (note): Name, description, required binaries (python3, cloudflared), and required env vars (CLOUDFLARE_API_TOKEN, CLOUDFLARE_ZONE_ID) align with a Cloudflare DNS/tunnel manager. Minor mismatch: the description mentions 'Zero Trust policies' but the CLI implements DNS, zone settings (update_setting), and ingress updates; there is no explicit high-level Zero Trust policy management surface in the code.
- Instruction Scope (note): SKILL.md and cf_manager.py stick to Cloudflare API calls and editing cloudflared config. However, the runtime instructions and script will read/write /etc/cloudflared/config.yml and restart the cloudflared systemd service using sudo. The docs reference references/sudoers.example for least-privilege sudo configuration, but that file is not present in the provided manifest — an inconsistency to resolve. The SKILL.md also uses $WORKSPACE paths which may not exist in all runtimes.
- Install Mechanism (ok): Install is local: scripts/install.sh creates a virtualenv and pip-installs 'requests' and 'PyYAML' from requirements.txt. No remote, arbitrary archive downloads or obscure third-party installers are used.
- Credentials (ok): Only Cloudflare credentials are required (CLOUDFLARE_API_TOKEN, CLOUDFLARE_ZONE_ID). The script also accepts CF_API_TOKEN / CF_ZONE_ID as fallbacks, which is reasonable. No unrelated credentials or broad secrets are requested.
- Persistence & Privilege (note): The skill is not always-enabled and does not demand persistent platform privileges. It does, however, require sudo to update system config and restart cloudflared for the 'update-ingress' workflow — a legitimate need for this functionality but high-privilege. Ensure sudo is scoped tightly (the SKILL.md suggests this) before allowing these operations.
