B

Cloudflare MCP Server

MCP server for the Cloudflare API, dynamically generating tools from the OpenAPI spec with code execution capability

Overall Score: 81/100

Server Info

Package: cloudflare-mcp
Registry: npm
Maintainer: Cloudflare (Vendor)
Category: Cloud & Infrastructure
Tags: cdn, edge, workers
Last Scanned: 7 Apr 2026

Findings

6 issues

Authentication & Identity

[LOW] Implements MCP OAuth spec for per-user authentication

Full MCP OAuth implementation via @cloudflare/workers-oauth-provider with PKCE, authorization/token/registration endpoints. Also supports direct API token mode via Bearer header (detected by checking if token does NOT have 3 colon-separated parts). Uses WebStandardStreamableHTTPServerTransport. Multi-account support with account selection. Code execution is sandboxed via Cloudflare Workers dynamic dispatch with globalOutbound restricting outbound requests to the Cloudflare API domain only.

Remediation

Document the required OAuth scopes for each tool.

Tool Schema Quality

[MEDIUM] Only 0 of 2 schemas have parameter constraints

Most schemas lack maxLength, enum, or pattern constraints on string parameters.

Remediation

Add constraints to string parameters, especially on write operations.

[CRITICAL] Dangerous execution surface: execute: arbitrary JavaScript code execution against Cloudflare API

Tool allows raw code/query execution which could be exploited via prompt injection.

Remediation

Use parameterized queries or validated command sets.

[CRITICAL] Dangerous execution surface: search: arbitrary JavaScript code execution against OpenAPI spec

Tool allows raw code/query execution which could be exploited via prompt injection.

Remediation

Use parameterized queries or validated command sets.

Data Exposure

[LOW] No field selection on responses

Responses return full records rather than projected fields.

Remediation

Implement field selection to return only relevant fields.

Maintenance & Trust

[MEDIUM] 5 dependency vulnerabilities (5 high)

npm audit found 5 high severity CVEs.

Remediation

Update vulnerable dependencies.

Tools

2 total
Name | Description | Risk
search | Search the Cloudflare OpenAPI spec. All $refs are pre-resolved inline. | read
execute | Execute JavaScript code against the Cloudflare API using the cloudflare.request() function. | admin

Deploy Cloudflare MCP Server securely

CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.
