skills/dwsy/agent/cf-tunnel/Gen Agent Trust Hub

cf-tunnel

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: Several scripts, including scripts/share.ts and scripts/cf.ts, construct shell commands using template literals that incorporate user-controllable inputs like directory paths, ports, and filenames. This pattern is vulnerable to command injection if malicious shell metacharacters are provided.
      • Evidence: In scripts/share.ts, the startLocalWeb function passes the dir variable directly into an execSync call when creating a new tmux session.
      • Evidence: In scripts/cf.ts, the runShare function attempts to escape double quotes but does not account for other shell-active characters like backticks or subshell expansion markers.
  • [EXTERNAL_DOWNLOADS]: The skill guides the user to download and install the cloudflared binary.
      • Evidence: SKILL.md and scripts/init.ts provide specific wget commands targeting Cloudflare's official GitHub repository (github.com/cloudflare/cloudflared). This download targets a well-known service and is documented neutrally.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 06:09 AM