Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
cftunnel
v1.1.0Expose local services to the internet via Cloudflare Tunnels. CLI (npx cftunnel) and Node.js library for creating tunnels, configuring ingress routes, managi...
⭐ 0· 55·0 current·0 all-time
byCarlos Martin@pirumpi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (manage Cloudflare tunnels, routes, and DNS) align with required binaries (node, cftunnel) and the Cloudflare API credentials listed. The install step (npm -g cftunnel) is reasonable for a CLI/library of this kind.
Instruction Scope
SKILL.md instructs the agent to create tunnels, add routes, and modify DNS — all expected. It also documents running cloudflared and optionally installing it as a system service; that step would modify the host (persistent service) if executed by the user/agent. SKILL.md references CLOUDFLARE_API_TOKEN as an alternative auth method but the metadata does not declare that env var.
Install Mechanism
Install uses npm (-g) to install the cftunnel package and create a cftunnel binary — a standard, expected mechanism. npm global installs download and write code to disk (moderate risk compared to purely instruction-only skills), but the source points to a public npm package and a GitHub homepage, not an arbitrary URL.
Credentials
Requested env vars (CLOUDFLARE_API_KEY, CLOUDFLARE_EMAIL, CLOUDFLARE_ACCOUNT_ID) are appropriate for Cloudflare API operations. Two points: (1) the SKILL.md also references CLOUDFLARE_API_TOKEN as a safer/scoped alternative but that token variable is not included in the declared requires.env, and (2) a global API key (CLOUDFLARE_API_KEY) is high-privilege compared to a scoped API token — prefer creating a scoped token limited to the necessary zones and actions.
Persistence & Privilege
always:false and no required config paths indicate the skill does not demand forced permanent inclusion. The skill documents a user-invocable option to install cloudflared as a persistent system service, which requires elevated privileges if executed, but that is an explicit user action rather than implicit behavior of the skill bundle.
Assessment
This skill appears to do what it says: manage Cloudflare Tunnels via an npm CLI. Before installing or running it, consider the following: (1) prefer using a scoped CLOUDFLARE_API_TOKEN with minimal permissions instead of a global API key; the SKILL.md mentions the token option but the metadata doesn't declare it — provide only the credentials you intend to allow. (2) npm -g will download and install code on the host; only install packages from sources you trust and check the package repo if unsure. (3) 'npx cftunnel run' may invoke cloudflared and the documented '--install-service' will create a persistent system service (requires admin rights) — don't run that unless you want a long-lived service. (4) DNS and tunnel operations can expose local services publicly and modify zone records — ensure you limit scope to dedicated zones/accounts. If you want extra assurance, review the cftunnel npm/GitHub source before installing and use a dedicated Cloudflare account or token with narrow scope.Like a lobster shell, security has layers — review code before you run it.
latestvk97awatw2rs33enyfrfp677bms83egge
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🚇 Clawdis
Binsnode, cftunnel
EnvCLOUDFLARE_API_KEY, CLOUDFLARE_EMAIL, CLOUDFLARE_ACCOUNT_ID
Primary envCLOUDFLARE_API_KEY
Install
Node
Bins: cftunnel
npm i -g cftunnel -g