cloudflare-manager

Fail

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: HIGH
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The update_ingress function in scripts/cf_manager.py uses sudo tee to write to /etc/cloudflared/config.yml and sudo systemctl to restart the service, providing root-level modification capabilities.
  • [CREDENTIALS_UNSAFE] (MEDIUM): The skill processes sensitive CLOUDFLARE_API_TOKEN environment variables and accesses system configuration files in /etc/cloudflared/.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection.
      1. Ingestion points: hostname and service arguments in scripts/cf_manager.py.
      2. Boundary markers: Absent.
      3. Capability inventory: sudo file-write and service restart.
      4. Sanitization: Uses yaml.dump for structural integrity but lacks content validation.
  • [EXTERNAL_DOWNLOADS] (SAFE): Standard dependencies requests and PyYAML are installed from PyPI via pip.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 23, 2026, 12:29 AM