I don't have a homelab for privacy so much as convenience. And I accept the risk of trusting vendors. I also have a datacenter cabinet and the techs there have a key to the cabinet. That's even more dangerous access theoretically. I suppose if someone compromised cloudflared (more possible in this era of supply-chain attacks and Cloudflare's renewed commitment to vibe-coding) there's a risk. C'est la vie.