building-cloudflare-mcp
Audited by Socket on Feb 17, 2026
1 alert found:
Malware [Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill document and example Worker code are coherent with their stated purpose: building a Cloudflare-based MCP server for Claude/Claude Code integration. There are no signs of malicious code, obfuscation, or unexpected network proxying. The primary risks are misconfiguration and operational security (exposing the worker URL/secret, overly-broad auto-approve settings, or adding code that forwards data externally). Recommended actions: keep secrets in wrangler secrets, use IP allowlists carefully, restrict auto-approve tool patterns, audit any added tool implementations that access sensitive data or external endpoints.

LLM verification: The provided Cloudflare Workers MCP example is coherent and benign in intent and implementation. There is no direct evidence of malware, obfuscated code, or network exfiltration in the fragment. The primary security risks are operational and configuration-related: (1) the documentation's recommendation to auto-approve tools with wildcards is high risk and can enable arbitrary tool execution without consent; (2) guidance showing static bearer tokens and plaintext credential files raises the chanc