Cf Workers Logs
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can use the configured token to query Cloudflare Workers Observability data for the selected account, and accidental token exposure would affect that account scope.
The skill requires a Cloudflare API token and may locate it in project environment files. This is expected for querying Cloudflare logs, but it gives the agent access to a real account credential.
`CF_OBSERVABILITY_API_TOKEN` ... `Permissions`: `Account` / `Workers Observability` / `Edit` ... The skill searches for credentials ... `.env` / `.env.*` files in the project directory
Use a dedicated Cloudflare API token scoped to the minimum account and permission needed, keep .env files out of version control, and rotate the token if it is exposed.
Broad or imprecise requests could retrieve more logs than intended, though the artifacts only show the Cloudflare observability query endpoint.
The skill directs the agent to make authenticated API calls using curl. This is central to the skill's purpose, but users should be aware that requested arguments determine what logs are queried.
Use Bash with `curl` to call the API ... Construct the curl command based on the user's request.
Prefer explicit worker names, short time windows, and result limits when invoking the skill.
Cloudflare logs may expose user IDs, request details, errors, or other sensitive application information to the agent conversation.
The skill can retrieve arbitrary application log messages and custom fields. Those logs may contain sensitive data or user-controlled text that should be treated as data, not instructions.
Any custom fields logged via `console.log({ key: value })` are also queryable as top-level fields ... Use `needle.value` for free-text search across all fields.
Avoid logging secrets, scope log queries narrowly, and treat returned log text as untrusted diagnostic data.
