Fill in the parameters into 4-lines of one file, copy and paste that and one other file to your system, and a majority of the anxiety of a cloudflared tunnel daemon compromise is over.
You don’t need necessarily to understand how it works, yet it should be of great interest to those running cloudflared with the No TLS Verify flag set.