Cloudflare Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Cloudflare management skill with powerful infrastructure-changing commands, but the artifacts do not show hidden, deceptive, or unrelated behavior.

Install only if you want an agent or CLI helper to manage Cloudflare resources. Use a least-privilege token scoped to the required zones, keep the token out of logs and synced folders, and require human review before delete, DNS, SSL, firewall, cache purge, or other production-impacting changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documents destructive zone operations such as deleting zones and purging cache without any warning, confirmation, rollback guidance, or mention of production impact. In infrastructure administration, this can cause immediate outages, traffic disruption, or irreversible service changes if an agent or user runs the command on the wrong domain.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
DNS and firewall changes directly affect service routing, email delivery, origin exposure, and access control, yet the skill presents mutation commands as routine examples without safety notes. An agent following these examples could accidentally break production traffic, block legitimate users, or expose infrastructure by toggling proxy settings incorrectly.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
Worker deployment/deletion and SSL mode changes are high-impact operations that can break application behavior, weaken transport security, or take edge logic offline. Presenting these commands without warnings or guardrails increases the chance of unsafe execution by automated agents or inexperienced users in live environments.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The tool performs irreversible zone deletion immediately once invoked, with no confirmation prompt, dry-run mode, or explicit force flag. In a CLI/agent context, this increases the risk of accidental destructive actions from user error, prompt confusion, or automation mistakes, which could cause domain outages and service disruption.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
DNS record deletion is executed without any confirmation or safeguard, making accidental deletion easy in automated or agent-driven workflows. Removing critical DNS records can break application routing, email delivery, and domain availability, resulting in operational outages.

Session Persistence

Medium
Category
Rogue Agent
Content
Store in `~/.config/cloudflare/token`:
```bash
mkdir -p ~/.config/cloudflare
echo -n "YOUR_API_TOKEN" > ~/.config/cloudflare/token
chmod 600 ~/.config/cloudflare/token
```
Confidence
81% confidence
Finding
mkdir -p ~/.config/cloudflare echo -n "YOUR_API_TOKEN" > ~/.config/cloudflare/token chmod 600 ~/.config

VirusTotal

66/66 vendors flagged this skill as clean.
