Hi a fellow federal agent,
Please go suck your pennes. While the tool might be useful for actually removing CSAM, it makes your site reliant on Cloudflare which can be possibly DDoSed / held for ransom + you are giving all the glowies OP.
I will look into it. Nice get.
This reads straight out of a mobster movie where the gangsters go to a local establishment that's opened recently and go "Ya got yaself a pretty-lookin' shop here. Real nice job with the curtains. Ya know, there's been a lot of broken windows happenin' around these parts ya see? Would be a real shame if some punks came in here and threw rocks at your windows every week. You should try to get rock-proof windows sometime soon, ya know. There's this guy I know, real friendly, he can get them for ya in no time, I can get them for ya at a discount too! Only 20% of your profits a week, capisce? Heeeey better than gettin' them windows broken all the time!"
i don't recommend enabling any proprietary in-the-cloud CSAM scanner because they auto-report such attempted uploads' destination server (ie. your site's VPS) to the FBI, and these knuckleheads will visit your home and potentially seize all your electronics since by default they assume EVERYONE including the site admin is a potential suspect and has to go through a "thorough investigation" and you don't have the expensive corporate lawyers like big corporate sites have to prevent such extortion