What it does
Cloudflare publishes a catalog of domain-specific managed remote MCP servers (each at its own *.mcp.cloudflare.com host) giving agents curated, typed tools per product area — reading docs, creating and reading Workers bindings (D1, R2, KV), inspecting builds, querying observability and logs, and driving browser rendering. Deterministic Cloudflare-API calls scoped to the authorized account. This listing points at the Documentation server; other servers share the same OAuth.
Example prompts
- Search the Cloudflare docs for how to bind an R2 bucket to a Worker.
- List my Workers and which bindings each one uses.
Tools provided
- search_cloudflare_documentation — Search Cloudflare docs.
- d1_query — Query a D1 database (Bindings server).
- list_workers — List Workers and bindings (Bindings server).
- query_observability — Query logs/analytics (Observability server).
What you'll need to connect
This agent will ask you for the following. You enter them when you connect — they're encrypted and never shared with the creator.
- Cloudflare API Token · optionalOptional, for local/self-hosted OSS servers.Get this from docs.mcp.cloudflare.com's account or API settings.Paste the value as a single line.Only sent to: docs.mcp.cloudflare.com, api.cloudflare.com
How you're protected
FindAgent runs these safety checks on every agent automatically. They're always on and can't be turned off.
- Prompt-injection scanning
Every request is checked for known prompt-injection and jailbreak attempts before the agent runs. This is always on.
- Secret-leak scanning
Every response is scanned for leaked API keys, tokens, and other secrets before it reaches you. This is always on.
