The Agent Skills Directory

[COMMAND_EXECUTION] (SAFE): The skill instructs the agent to execute curl and openssl commands to interact with the Cloudflare API and verify server states. These operations are essential for the skill's primary purpose of network troubleshooting and do not involve arbitrary or malicious command execution.
[DATA_EXPOSURE & EXFILTRATION] (SAFE): The skill requires sensitive credentials (API keys/tokens) to function. It explicitly includes warnings to the user and the agent about protecting these secrets, such as 'Never log API keys in output' and recommendations to use scoped tokens. No evidence of unauthorized data exfiltration was found.
[INDIRECT PROMPT INJECTION] (SAFE): The skill ingests data from the Cloudflare API. While this constitutes an external data ingestion point, the data is parsed as JSON and used for logic checks (e.g., verifying SSL mode) rather than being executed as instructions. The risk is minimized by the trusted nature of the data source (the user's own Cloudflare account).
[UNVERIFIABLE DEPENDENCIES] (SAFE): The provided Python scripts rely on the requests library, which is a standard and trusted package for HTTP operations. No suspicious or unversioned remote dependencies are pulled.

cloudflare-troubleshooting