Regardless of whether or not you provide your own SSL certificates, cloudflare still uses their own between their servers and client browsers. So any SSL encrypted traffic is unencrypted at their end before being re-encrypted with your certificate. How can such an entity be trusted?
No, I read it properly, a MITM generally refers to MITM Attack and vice versa in cybersecurity, it is down to the individual to clarify if they meant otherwise and clearly, this case he is referencing to BEING A MITM for malicious purposes