Is Cloudflare MCP Server safe to use?

Cloudflare MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Cloudflare MCP Server?

Cloudflare MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Cloudflare MCP Server do?

Cloudflare MCP Server provides 18 tools: list_zones, get_zone, list_dns_records, get_dns_record, create_dns_record and 13 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Cloudflare MCP Server?

Cloudflare MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Cloudflare MCP Server actively maintained?

Cloudflare MCP Server is recently maintained — last commit was 63 days ago.

Cloudflare MCP Server

mcp-cloudflare-crunchtools

Secure MCP server for Cloudflare DNS, Transform Rules, and Page Rules

18 tools GitHub PyPI

No known CVEs

No license

Maintained

Last commit 63d ago

Works with most clients

Transport: stdio, http

18 tools · ~719 tok

Grade B · 0.4% of 200K ctx

Edit this pageView history

Cloud DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-crunchtools-cloudflare": {
      "args": [
        "mcp-cloudflare-crunchtools"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-crunchtools-cloudflare)](https://mcppedia.org/s/io-github-crunchtools-cloudflare)

Read me

What Cloudflare MCP Server does

A secure MCP (Model Context Protocol) server for Cloudflare DNS, Transform Rules, Page Rules, and cache management.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'mcp-cloudflare-crunchtools' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

78/100across 5 weighted dimensions

How we score →

0255075100

−22

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked mcp-cloudflare-crunchtools against OSV.dev.

Inventory

Tools (18)

Click any tool to inspect its schema.

~719 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Cloudflare MCP Server safe to use?: Cloudflare MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Cloudflare MCP Server?: Cloudflare MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Cloudflare MCP Server do?: Cloudflare MCP Server provides 18 tools: list_zones, get_zone, list_dns_records, get_dns_record, create_dns_record and 13 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Cloudflare MCP Server?: Cloudflare MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Cloudflare MCP Server actively maintained?: Cloudflare MCP Server is recently maintained — last commit was 63 days ago.

Similar servers

Others in cloud / devops

View all →

Mcp Gitlab96

MCP server for using the GitLab API

1.5k 12

Observability Mcp95

MCP Server for GCP environment for interacting with various Observability APIs.

790 10

Alibabacloud Devops Mcp Server92

Yunxiao MCP Server provides AI assistants with the ability to interact with the Yunxiao platform. It provides a set of tools that interact with Yunxiao's API, allowing AI assistants to manage Codeup repository, Project, Pipeline, Packages etc.

110 7

Mcp Gitlab Server92

Enhanced MCP server for GitLab: group projects listing and activity tracking

50 2

MCP Security Weekly

Get CVE alerts and security updates for Cloudflare MCP Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Cloud DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-crunchtools-cloudflare": {
      "args": [
        "mcp-cloudflare-crunchtools"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-crunchtools-cloudflare)](https://mcppedia.org/s/io-github-crunchtools-cloudflare)

Read me

What Cloudflare MCP Server does

A secure MCP (Model Context Protocol) server for Cloudflare DNS, Transform Rules, Page Rules, and cache management.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'mcp-cloudflare-crunchtools' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

MCP Cloudflare CrunchTools

A secure MCP (Model Context Protocol) server for Cloudflare DNS, Transform Rules, Page Rules, and cache management.

Overview

This MCP server is designed to be:

Secure by default - Comprehensive threat modeling, input validation, and token protection
No third-party services - Runs locally via stdio, your API token never leaves your machine
Cross-platform - Works on Linux, macOS, and Windows
Automatically updated - GitHub Actions monitor for CVEs and update dependencies
Containerized - Available at quay.io/crunchtools/mcp-cloudflare built on Hummingbird Python base image

Naming Convention

Component	Name
GitHub repo	crunchtools/mcp-cloudflare
Container	`quay.io/crunchtools/mcp-cloudflare`
Python package (PyPI)	`mcp-cloudflare-crunchtools`
CLI command	`mcp-cloudflare-crunchtools`
Module import	`mcp_cloudflare_crunchtools`

Why Hummingbird?

The container image is built on the Hummingbird Python base image from Project Hummingbird, which provides:

Minimal CVE exposure - Hummingbird images are built with a minimal package set, dramatically reducing the attack surface compared to general-purpose images
Regular updates - Security patches are applied promptly, keeping CVE counts low
Optimized for Python - Pre-configured Python environment with uv package manager for fast, reproducible builds
Production-ready - Designed for production workloads with proper signal handling and non-root user defaults

This means your MCP server runs in a hardened environment with fewer vulnerabilities than typical Python container images

Features

Zone Management (2 tools)

list_zones - List all zones accessible by your API token
get_zone - Get zone details by ID or domain name

DNS Records (5 tools)

list_dns_records - List DNS records with filtering
get_dns_record - Get a single DNS record
create_dns_record - Create A, AAAA, CNAME, MX, TXT, NS, SRV, CAA records
update_dns_record - Update existing records
delete_dns_record - Delete records

Transform Rules (6 tools)

list_request_header_rules / set_request_header_rules - Modify request headers
list_response_header_rules / set_response_header_rules - Modify response headers
list_url_rewrite_rules / set_url_rewrite_rules - URL path/query rewrites

Page Rules (4 tools)

list_page_rules - List all page rules
create_page_rule - Create redirects, cache settings, SSL modes
update_page_rule - Modify existing rules
delete_page_rule - Remove rules

Cache Management (1 tool)

purge_cache - Purge by URL, tag, host, prefix, or everything

Installation

With uvx (Recommended)

uvx mcp-cloudflare-crunchtools

With pip

pip install mcp-cloudflare-crunchtools

With Container

podman run -e CLOUDFLARE_API_TOKEN=your_token \
    quay.io/crunchtools/mcp-cloudflare

Configuration

Creating a Cloudflare API Token

Navigate to API Tokens
- Go to https://dash.cloudflare.com/profile/api-tokens
- Click "Create Token"
- Click "Get started" next to "Create Custom Token"
Configure Token Name
- Enter: mcp-cloudflare-crunchtools
Configure Permissions

The Permissions section has three dropdowns per row:
- First dropdown: Resource type (Account or Zone)
- Second dropdown: Specific permission category
- Third dropdown: Access level (Read or Edit)
Click "+ Add more" to add each permission row. For full management, add:

Resource Permission Access
Zone Zone Read
Zone DNS Edit
Zone Page Rules Edit
Zone

Resource	Permission	Access
Zone	Zone	Read
Zone	DNS	Edit
Zone	Page Rules	Edit
Zone

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

78/100across 5 weighted dimensions

How we score →

0255075100

−22

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked mcp-cloudflare-crunchtools against OSV.dev.

Inventory

Tools (18)

Click any tool to inspect its schema.

~719 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Cloudflare MCP Server safe to use?: Cloudflare MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Cloudflare MCP Server?: Cloudflare MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Cloudflare MCP Server do?: Cloudflare MCP Server provides 18 tools: list_zones, get_zone, list_dns_records, get_dns_record, create_dns_record and 13 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Cloudflare MCP Server?: Cloudflare MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Cloudflare MCP Server actively maintained?: Cloudflare MCP Server is recently maintained — last commit was 63 days ago.