← Back to Skills Marketplace
xieyuanqing

Cloudflare Dns Updater

by xieyuanqing · GitHub ↗ · v0.1.1
cross-platform ⚠ suspicious
1689
Downloads
0
Stars
6
Active Installs
2
Versions
Install in OpenClaw
/install cloudflare-dns-updater
Description
Creates or updates a proxied Cloudflare DNS A record. Use when you need to programmatically point a subdomain to an IP address. Takes record name, zone name, and IP address as input.
README (SKILL.md)

Cloudflare DNS Updater

This skill creates or updates a Cloudflare DNS 'A' record, pointing it to a specified IP address and ensuring it is proxied. It is a foundational tool for automating service deployment and DNS management.

Pre-requisites

This skill requires the CLOUDFLARE_API_TOKEN environment variable to be set with a valid Cloudflare API Token that has DNS edit permissions.

The model should verify this prerequisite before attempting to use the skill. If the variable is not set, it should inform the user and stop.

Core Action: scripts/update-record.py

The core logic is handled by the update-record.py script.

Inputs (Command-Line Arguments)

  • --zone: (Required) The root domain name. Example: example.com
  • --record: (Required) The name of the record (subdomain). Use @ for the root domain itself. Example: www
  • --ip: (Required) The IPv4 address to point the record to.
  • --proxied: (Optional) Boolean (true or false) to set the Cloudflare proxy status. Defaults to true.

Output

The script will print its progress to stdout.

  • On success, it prints a confirmation message and a JSON object of the created/updated record.
  • On failure, it prints a descriptive error message to stderr and exits with a non-zero status code.

Execution Workflow

To use this skill, follow these steps:

  1. Verify Prerequisites: Check if the CLOUDFLARE_API_TOKEN environment variable is set. If not, notify the user and abort.
  2. Gather Inputs: From the user's request, identify the zone, record name, and target ip.
  3. Construct Command: Build the full shell command to execute the script.
  4. Execute Command: Run the command using the exec tool.
  5. Report Result:
    • If the command succeeds, report the successful creation or update to the user.
    • If the command fails, analyze the error message from stderr and report the issue to the user in a clear, understandable way.

Example Usage

User Request: "Point www.example.com to the server's public IP."

AI's Thought Process:

  1. The user wants to update a DNS record on Cloudflare. The cloudflare-dns-updater skill is perfect for this.
  2. I will use the update-record.py script.
  3. I need the zone, record name, and IP.
    • Zone: example.com
    • Record: www
    • IP: I need to find the server's public IP first. I can use curl -s https://ipv4.icanhazip.com/.
  4. I will first get the IP, then construct the final command.
  5. I will execute the command and report the outcome.

AI's Actions:

# Step 1: Get IP
PUBLIC_IP=$(curl -s https://ipv4.icanhazip.com/)

# Step 2: Run the skill's script
python3 skills/cloudflare-dns-updater/scripts/update-record.py \
  --zone "example.com" \
  --record "www" \
  --ip "$PUBLIC_IP"

Failure Strategy

  • If CLOUDFLARE_API_TOKEN is not set: Do not attempt to run the script. Inform the user that the required environment variable is missing and needs to be configured by the administrator.
  • If the script exits with an error: Read the error message from stderr. Common errors include invalid API token, incorrect zone name, or insufficient permissions. Report the specific error to the user.
Usage Guidance
This skill's code and documentation implement a normal Cloudflare DNS updater, but the registry metadata omitted the required CLOUDFLARE_API_TOKEN. Before installing or using it: 1) Confirm you can provide a CLOUDFLARE_API_TOKEN (set it in the environment) and verify the token is scoped with the minimum permissions (prefer zone-scoped DNS edit rights rather than a full account token). 2) Understand the agent will make outbound requests to Cloudflare and (optionally) to https://ipv4.icanhazip.com/ to detect public IP — run it in a network environment where those calls are acceptable. 3) Review the included script yourself (it is short and readable) and consider rotating the token after testing. 4) If you rely on registry metadata for automated policy enforcement, update it to declare CLOUDFLARE_API_TOKEN so the requirement isn't missed. If you cannot provide a properly-scoped token or cannot accept outbound network calls, do not enable the skill.
Capability Analysis
Type: OpenClaw Skill Name: cloudflare-dns-updater Version: 0.1.1 The skill is classified as suspicious due to the explicit instruction in `SKILL.md` for the AI agent to execute an external shell command (`curl -s https://ipv4.icanhazip.com/`). While this command is benign and serves the stated purpose of dynamically obtaining an IP address for DNS updates, it demonstrates a capability for the agent to execute arbitrary shell commands based on skill instructions, which represents a significant prompt injection vector. The `scripts/update-record.py` itself securely handles the `CLOUDFLARE_API_TOKEN` and only interacts with `api.cloudflare.com`.
Capability Assessment
Purpose & Capability
The name/description match the included Python script: behavior is to create/update Cloudflare A records. Requiring python3 and the requests library is appropriate. However, the registry metadata lists no required environment variables or primary credential, while the SKILL.md and script explicitly require CLOUDFLARE_API_TOKEN; this metadata omission is inconsistent and worth flagging.
Instruction Scope
SKILL.md confines actions to: check for CLOUDFLARE_API_TOKEN, collect zone/record/IP, optionally fetch the host's public IP via https://ipv4.icanhazip.com/, and run the included script. There is no instruction to read unrelated files or exfiltrate data to unexpected endpoints. The external call to icanhazip is reasonable for discovering a public IP but is an external network operation the user should be aware of.
Install Mechanism
This is an instruction-only skill with a bundled Python script and a small requirements.txt (requests). No network downloads or archive extraction during install are required, which is low risk.
Credentials
The script and SKILL.md require CLOUDFLARE_API_TOKEN (a sensitive credential) but the registry metadata does not declare it as a required env var or primary credential. That mismatch is concerning because automated tooling or users may not realize a secret must be supplied. The requested token is proportionate for DNS edits, but you should confirm the token's permissions (use least privilege / zone-scoped token).
Persistence & Privilege
The skill does not request always: true, does not modify other skills or system-wide settings, and is user-invocable. It requires only runtime invocation to execute the script.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install cloudflare-dns-updater
  3. After installation, invoke the skill by name or use /cloudflare-dns-updater
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.1
Security fix: Anonymized all examples in SKILL.md to remove private information.
v0.1.0
Initial release – Automate Cloudflare DNS A record creation or update - Adds a skill to programmatically create or update proxied Cloudflare DNS A records for a given zone and subdomain. - Requires a valid CLOUDFLARE_API_TOKEN with DNS edit permissions to be set in the environment. - Accepts `zone`, `record`, and `ip` as inputs, with optional control over proxying. - Informs the user of prerequisites, command execution progress, and any errors in a clear, actionable way.
Metadata
Slug cloudflare-dns-updater
Version 0.1.1
License
All-time Installs 6
Active Installs 6
Total Versions 2
Frequently Asked Questions

What is Cloudflare Dns Updater?

Creates or updates a proxied Cloudflare DNS A record. Use when you need to programmatically point a subdomain to an IP address. Takes record name, zone name, and IP address as input. It is an AI Agent Skill for Claude Code / OpenClaw, with 1689 downloads so far.

How do I install Cloudflare Dns Updater?

Run "/install cloudflare-dns-updater" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Cloudflare Dns Updater free?

Yes, Cloudflare Dns Updater is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Cloudflare Dns Updater support?

Cloudflare Dns Updater is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Cloudflare Dns Updater?

It is built and maintained by xieyuanqing (@xieyuanqing); the current version is v0.1.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments