# Cloudflare R2 Remote MCP Worker

Name: Cloudflare R2 Remote MCP Worker
Type: Remote MCP server
URL: https://xxyoudeadpunkxx.github.io/cloudflare-r2-remote-mcp-worker/
Repository: https://github.com/XxYouDeaDPunKxX/cloudflare-r2-remote-mcp-worker
Runtime: Cloudflare Worker
Storage: Cloudflare R2
Auth model: GitHub OAuth allowlist for public deployments
License: MIT
License URL: https://opensource.org/license/mit/
Canonical source: main branch repository files

## What this is

Cloudflare R2 Remote MCP Worker is a self-hosted remote MCP server for a Cloudflare R2 bucket.

It provides a narrow object-management surface through a Cloudflare Worker for ChatGPT or compatible remote MCP clients.

It is not a general personal cloud interface, not full R2 account administration, and not a local filesystem bridge.

## Operating line

Operator-owned bucket. Operator-owned Worker. Explicit remote MCP boundary.

## Use case

Use this project when a remote MCP client needs bounded access to objects in an operator-owned Cloudflare R2 bucket without exposing broad Cloudflare account administration.

## Canonical source

The canonical public source is the repository main branch.

Treat this file as the LLM-readable project index, not as the full implementation or deployment specification.

## Runtime model

- Cloudflare Worker hosts the remote MCP endpoint.
- Cloudflare R2 stores the bucket objects.
- GitHub OAuth allowlisting is used for public deployments.
- KV can support OAuth state.
- Presigned URL support is optional and deployment-dependent.

## Main capabilities

- Object listing
- Object metadata inspection
- Text-like object reading
- Text object writing
- Base64 object upload
- Object copy and move operations
- Object key removal through guarded tools
- Optional read-only account visibility
- Optional temporary presigned URLs

## Security boundary

Exposed surface:
Object-level operations for the configured R2 binding.

Optional surface:
Read-only account visibility and temporary presigned URLs.

Outside the exposed surface:
Bucket creation, bucket removal, CORS mutation, lifecycle mutation, domain mutation, and notification mutation.

## Deployment pieces

- Cloudflare Worker
- R2 bucket binding
- GitHub OAuth App for public deployments
- KV namespace for OAuth state
- Optional R2 S3 credentials for presigned URLs

## Intended use

Use this project when a remote MCP client needs bounded access to objects in an operator-owned R2 bucket without exposing broad Cloudflare account administration.

## Discovery Set

Machine-readable project files:

- llms.txt: LLM-readable project index.
- raw-manifest.json: structured machine-readable project manifest.
- robots.txt: crawler access declaration.
- sitemap.xml: sitemap for the GitHub Pages surface.

HTML discovery signals:

- canonical URL
- rel=alternate for llms.txt
- rel=alternate for raw-manifest.json
- JSON-LD SoftwareSourceCode metadata
- Open Graph metadata
- footer machine-readable links

## Keywords

Cloudflare R2, Cloudflare Worker, MCP, remote MCP, ChatGPT, object storage, GitHub OAuth, operator-owned bucket, R2 object access, Worker-hosted MCP endpoint, bounded object management, self-hosted MCP server