cloudflare-assets

This skill's purpose (upload/list/delete files to a Cloudflare R2-backed host) is plausible and the described mechanisms (small files via MCP base64, large files via a dedicated script calling the REST API) are reasonable. However, the skill instructs running a local shell script from the agent's plugin cache and sending large base64 payloads through the agent/MCP toolchain. Those operational details introduce supply-chain and execution risks: a malicious or compromised cf-assets.sh or a compromised plugin cache could execute arbitrary commands or exfiltrate data. The documentation also omits a clear, secure authentication description, increasing the chance credentials or sensitive files may be mishandled. Overall this is not confirmed malware, but it is a moderate security risk because of transitive execute/installer patterns and unclear credential handling. Treat the script execution and plugin cache usage with caution: validate the script, ensure integrity (signatures/checksums), and restrict the skill to trusted environments.