cloudflare-tunnel
Securely expose local services to the internet using Cloudflare Tunnels without port forwarding or public IPs.
Install this skill
or
84/100
Security score
The cloudflare-tunnel skill was audited on Mar 1, 2026 and we found 12 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 186
Curl to non-GitHub URL
SourceSKILL.md
| 186 | curl -s http://localhost:3000 > /dev/null && echo "Service is up" || echo "Service is DOWN" |
low line 125
Access to hidden dotfiles in home directory
SourceSKILL.md
| 125 | credentials-file: ~/.cloudflared/<TUNNEL_ID>.json |
low line 200
Access to hidden dotfiles in home directory
SourceSKILL.md
| 200 | rm -f ~/.cloudflared/cert.pem |
low line 45
External URL reference
SourceSKILL.md
| 45 | Your local service is now live at `https://myapp.example.com` with automatic HTTPS. |
low line 56
External URL reference
SourceSKILL.md
| 56 | bash scripts/run.sh start webapp-tunnel --url http://localhost:3000 |
low line 63
External URL reference
SourceSKILL.md
| 63 | 🚀 Tunnel running: app.yourdomain.com → http://localhost:3000 |
low line 129
External URL reference
SourceSKILL.md
| 129 | service: http://localhost:3000 |
low line 131
External URL reference
SourceSKILL.md
| 131 | service: http://localhost:8080 |
low line 133
External URL reference
SourceSKILL.md
| 133 | service: http://localhost:3001 |
low line 175
External URL reference
SourceSKILL.md
| 175 | bash scripts/run.sh quick --url http://localhost:8080 |
low line 177
External URL reference
SourceSKILL.md
| 177 | # Output: https://random-words.trycloudflare.com → http://localhost:8080 |
low line 186
External URL reference
SourceSKILL.md
| 186 | curl -s http://localhost:3000 > /dev/null && echo "Service is up" || echo "Service is DOWN" |
Scanned on Mar 1, 2026
View Security DashboardInstall this skill with one command
/learn @faahim/cloudflare-tunnel