// SCAN REPORT

Cloudflare MCP

7 tools. 6 can modify or destroy data without limits.

5 write tools that can modify data. Rate limits recommended.

Last updated: 12 Jun 2026

6 can modify or destroy data

1 read-only

7 tools total

Community server · catalogue entry verified 12/06/2026

How to control Cloudflare MCP ↓

TOOL MAP

What Cloudflare MCP exposes to your agents

Read (1) Write / Execute (5) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

High Risk

The most dangerous Cloudflare MCP tools

Execute · Low add This tool performs arithmetic computation. Execute · Low calculate The tool executes computational operations on provided inputs. Write · Low addTodo This tool creates a new todo item, which is a reversible write operation. Write · Low completeTodo This tool modifies existing data (marking a todo as completed) in a reversible manner—the state can be changed back.

6 of Cloudflare MCP's 7 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Cloudflare MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and Cloudflare MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations

{
  "addTodo": {
    "limits": [
      {
        "counter": "addtodo_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "listTodos": {
    "limits": [
      {
        "counter": "listtodos_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Cloudflare MCP — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON CLOUDFLARE →

Free to start. No card required.

FULL CATALOGUE

All 7 Cloudflare MCP tools

EXECUTE 2 tools

Execute add Simple addition of two numbers Execute calculate Perform various mathematical operations on two numbers

WRITE 3 tools

Write addTodo Add a new task to your todo list Write completeTodo Mark a task as completed in your todo list Write storeValue Store a simple key-value pair in Cloudflare KV

READ 1 tools

Read listTodos List all tasks in your todo list

OTHER 1 tools

Other randomNumber Generate a truly random number using Cloudflare

FAQ

Questions about Cloudflare MCP

How do I prevent bulk modifications through Cloudflare MCP? +

The Cloudflare MCP server has 3 write tools including addTodo, completeTodo, storeValue. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Cloudflare MCP.

How many tools does the Cloudflare MCP server expose? +

7 tools across 2 categories: Read, Write. 1 are read-only. 6 can modify, create, or delete data.

How do I enforce a policy on Cloudflare MCP? +

Register the Cloudflare MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Cloudflare MCP tool call.

Deterministic rules across all 7 Cloudflare MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON CLOUDFLARE →

Free to start. No card required.

7 Cloudflare MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.