Cloudflare Tunnel Manager
Review
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent instruction-only Cloudflare tunnel guide, but users should treat it carefully because it can expose local services, change DNS, use Cloudflare credentials, and create persistent tunnels.
Install only if you understand Cloudflare Tunnels and want an agent to help with them. Before running commands, verify the Cloudflare account and domain, confirm each local port and hostname, avoid exposing SSH/admin/file services without Cloudflare Access, protect ~/.cloudflared credentials, and disable any background/systemd tunnel you no longer need.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could unintentionally make an internal service reachable from the internet if they apply examples without checking access controls.
The skill shows how to expose local services, including SSH, through Cloudflare Tunnel. This is purpose-aligned, but a wrong hostname, service, or access policy could expose sensitive local services.
- hostname: ssh.yourdomain.com
  service: ssh://localhost:22
Only expose services you intend to publish, add Cloudflare Access protections for sensitive services, and review each hostname and local port before running tunnel or DNS commands.
Anyone or any agent with access to the authenticated cloudflared profile or tunnel credential file may be able to manage or run tunnels for the account.
The skill relies on Cloudflare OAuth login and local tunnel credential files. This is expected for Cloudflare Tunnel management, but it grants authority over Cloudflare tunnel and DNS resources.
cloudflared tunnel login ... credentials-file: /Users/username/.cloudflared/TUNNEL_ID.json
Use the least-privileged Cloudflare account or token available, protect files under ~/.cloudflared, and confirm which Cloudflare zone/account is active before making changes.
Installing an unverified latest binary system-wide can increase supply-chain risk if the download source, network, or release artifact is compromised.
The Linux setup downloads the latest cloudflared binary and installs it system-wide. The source is the expected Cloudflare GitHub release location, but the artifact does not pin a version or show checksum verification.
wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64
chmod +x cloudflared-linux-amd64
sudo mv cloudflared-linux-amd64 /usr/local/bin/cloudflared
Prefer the official package manager where possible, verify checksums/signatures, and pin a known cloudflared version for production systems.
A tunnel may continue running after the setup session ends, keeping local services reachable until the service or process is stopped.
The skill documents running a tunnel in the background and configuring a systemd service that restarts automatically. This is normal tunnel operation, but it creates persistent network exposure.
cloudflared tunnel run production-app & ... Restart=always
Use persistent service setup only when intended, document how to stop/disable it, and periodically review active tunnels and DNS routes.
