How Cloudflare Built an AI Engineering Stack on Its Own Platform – And Why It's Working

Cloudflare’s engineering team didn’t just adopt external AI tools—they built their own AI coding stack, powered by the very platform they ship to customers. Over the past eleven months, this internal initiative transformed how developers work, achieve remarkable adoption rates, and significantly boosted productivity. Here’s a closer look at the questions and answers behind their journey.

What inspired Cloudflare to build its own AI engineering stack?

Cloudflare recognized that off-the-shelf AI coding tools weren’t enough to meet the specific needs of its sprawling organization. With thousands of repos, strict security requirements, and a culture of continuous integration, the company needed a tailored solution. Instead of waiting for external vendors, they launched a tiger team called iMARS (Internal MCP Agent/Server Rollout Squad) to build internal MCP servers, an access layer, and custom AI tooling. The goal was to integrate AI deeply into their engineering workflow, including code review, onboarding, and propagation of changes across all repos. They wanted to create a stack that was secure, scalable, and built on the same products they offer to customers, ensuring alignment with their platform’s capabilities.

How widely adopted are AI coding tools at Cloudflare?

Adoption has been staggering. In the last 30 days alone, 3,683 internal users actively used AI coding tools—that’s 60% of all employees and an impressive 93% of the R&D organization. Over 295 teams are now leveraging agentic AI tools and coding assistants. The company processed 47.95 million AI requests, with 20.18 million AI Gateway requests per month. Tokens flowed massively: 241.37 billion tokens via AI Gateway and 51.83 billion tokens processed on Workers AI. These numbers reflect not just experimentation, but deep integration across the engineering culture.

What specific metrics demonstrate the impact of AI on developer velocity?

The clearest signal of impact is the surge in merge requests. Since AI tooling adoption grew, the 4-week rolling average of merge requests jumped from ~5,600 per week before the initiative to over 8,700. The week of March 23 even hit 10,952—nearly double the Q4 baseline. The team reports they’ve never seen such a quarter-to-quarter increase. This velocity boost is attributed to AI handling repetitive tasks, accelerating code reviews, and enabling faster onboarding across thousands of repos. The internal stack’s ability to standardize code review and change propagation also played a role, making engineers more efficient from day one.

What is the architecture of Cloudflare's internal AI stack?

The stack is layered and modular, starting with engineer-facing tools like OpenCode, Windsurf, and other MCP-compatible clients (both open-source and third-party). Below that, each layer maps to a Cloudflare shipping product:

• Zero Trust authentication → Cloudflare Access
• Centralized LLM routing and cost tracking → AI Gateway
• On-platform inference → Workers AI
• MCP Server Portal with single OAuth → Workers + Access
• AI Code Reviewer CI integration → Workers + AI Gateway
• Sandboxed execution for agent code → Dynamic Workers
• Stateful long-running agent sessions → Agents SDK (McpAgent, Durable Objects)
• Isolated environments for building/testing → Sandbox SDK
• Durable multi-step workflows → Workflows
• 16K+ entity knowledge graph → Backstage (open-source)

This architecture ensures security, scalability, and seamless integration with existing Cloudflare infrastructure.

How does Cloudflare ensure security and governance for AI tool usage?

Security is built into every layer. Cloudflare Access provides Zero Trust authentication for all AI tool access. The AI Gateway enforces centralized LLM routing, cost tracking, Bring Your Own Key (BYOK) capabilities, and Zero Data Retention controls—ensuring sensitive code never leaks. The AI Code Reviewer runs in CI with tightly controlled permissions, using Workers for logic and AI Gateway for inference. For agent-generated code, Dynamic Workers provide sandboxed execution environments, isolated from production. Additionally, the Agents SDK (with McpAgent and Durable Objects) manages stateful sessions securely. The Sandbox SDK allows cloning and building in ephemeral, isolated environments. Every component is designed to minimize risk while maximizing developer productivity.

Are the internal AI tools built on products that Cloudflare ships to customers?

Yes—nearly the entire stack runs on commercial Cloudflare products. The list includes Cloudflare Access, AI Gateway, Workers AI, Workers, Dynamic Workers, Workflows, and the Sandbox SDK (which went GA during Agents Week). Even the Agents SDK and MCP Server Portal leverage publicly available primitives. The only exception is Backstage, an open-source knowledge graph tool. Importantly, the team built this internal stack to dogfood their own platform—proving that the same products can power enterprise-scale AI development. This alignment means enhancements made for internal use often flow directly into product improvements for paying customers.