Back to skill

Security audit

Cloudflare Wrangler & Pages

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Cloudflare administration reference skill, but it includes powerful commands that can delete infrastructure or data if used carelessly.

Install only if you want the agent to help administer Cloudflare resources. Use least-privilege Cloudflare tokens, verify the Wrangler package, and require explicit confirmation before deletes, deployments, migrations, SQL execution, secret changes, bulk operations, direct API calls, or lifecycle-rule changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
82% confidence
Finding
Documenting `wrangler delete` without any caution increases the chance an agent or user will irreversibly delete a worker in the wrong environment. In an agent skill, terse destructive commands are more dangerous because they can be copied or executed with little deliberation and may cause service outage.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
Secret deletion and bulk secret upload affect sensitive credentials and application behavior, yet the skill gives no warning about overwriting, revocation needs, or handling of plaintext secret files. In a security-sensitive context, this can lead to credential loss, accidental exposure, or broken deployments.

Missing User Warnings

High
Confidence
94% confidence
Finding
`wrangler d1 delete <name>` is an irreversible data-destruction operation, and presenting it without a warning materially increases the risk of accidental database loss. In an agent skill for infrastructure management, omission of safeguards around destructive database commands is dangerous because it may normalize unsafe execution.

Missing User Warnings

High
Confidence
94% confidence
Finding
Bucket and object deletion can permanently remove stored data, and the skill provides these commands with no caution or backup guidance. Because this skill is intended for operational use, absent warnings increase the likelihood of destructive misuse and service-impacting data loss.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
Queue deletion can disrupt background processing and may discard pending messages depending on system state, yet the skill omits any caution. In an automation context, this can cause avoidable service interruption and message loss.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.