cf-proxy
Fail
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is designed to automatically fetch executable worker code from a third-party GitHub repository (
cmliu/edgetunnel) that is not maintained by a known or trusted organization. - [REMOTE_CODE_EXECUTION]: The skill automates the deployment of the unverified external code directly to a Cloudflare Pages environment. Using an agent to deploy unvetted code to a live cloud infrastructure constitutes a remote execution risk.
- [CREDENTIALS_UNSAFE]: The skill's operation requires the collection of sensitive Cloudflare account credentials (likely API tokens or global keys) to perform the deployment and DNS configuration.
- [COMMAND_EXECUTION]: The skill documentation indicates it uses the GitHub CLI (
gh) and Node.js to perform operations, which involves executing system-level commands to manage repositories and deployments. - [DATA_EXFILTRATION]: Because the skill manages sensitive credentials while interacting with multiple external services (GitHub, DNSExit, Cloudflare), it creates an attack surface where credentials or configuration data could be misdirected or exposed.
Recommendations
- AI detected serious security threats
Audit Metadata