← 返回 Skills 市场
ivangdavila

CDN

作者 Iván · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
839
总下载
2
收藏
4
当前安装
2
版本数
在 OpenClaw 中安装
/install cdn
功能描述
Configure, optimize, and troubleshoot CDN deployments with caching strategies, security hardening, and multi-provider management.
使用说明 (SKILL.md)

When to Use

User wants to set up, optimize, or debug a CDN. Covers provider selection, caching, security, and performance monitoring.

Quick Reference

Topic File
Provider comparison & CLIs providers.md
Security hardening security.md
Caching strategies caching.md
Troubleshooting troubleshooting.md

Core Capabilities

  1. Provider selection — Compare Cloudflare, CloudFront, Bunny, Fastly based on use case, traffic, budget
  2. Cache configuration — Set optimal cache-control headers, TTLs, cache keys
  3. Security setup — SSL/TLS, WAF rules, DDoS protection, origin shielding
  4. Performance monitoring — Cache hit ratios, TTFB, regional latency
  5. Invalidation — Purge strategies, CI/CD integration, tagged invalidation
  6. Cost optimization — Bandwidth analysis, tier recommendations, multi-CDN strategies
  7. Troubleshooting — Debug cache misses, stale content, origin overload

Cache-Control Checklist

Before deploying, verify:

  • Hashed assets (JS/CSS) → Cache-Control: public, max-age=31536000, immutable
  • HTML pages → Short TTL or no-cache with revalidation
  • Images → Long TTL with content-based URLs or versioning
  • API responses → Usually no-store unless explicitly cacheable
  • User-specific content → private or no-store

Security Checklist

  • TLS 1.2+ enforced, weak ciphers disabled
  • HSTS enabled with appropriate max-age
  • Origin IPs hidden, authenticated origin pulls configured
  • Rate limiting on sensitive endpoints (login, API)
  • Security headers: CSP, X-Frame-Options, X-Content-Type-Options

Common Mistakes

  • Caching user-specific responses (auth tokens, personalized content)
  • Using max-age without immutable for versioned assets
  • Purging entire cache instead of targeted paths
  • Ignoring Vary headers (cache poisoning risk)
  • Origin not rejecting direct access (bypassing CDN protections)

Decision: Do I Need a CDN?

Ask about:

  • Geographic distribution of users
  • Current page load times and Core Web Vitals
  • Static vs dynamic content ratio
  • Traffic volume and patterns

If users are mostly local and traffic is low → CDN may add complexity without benefit. If global users OR heavy static assets OR need DDoS protection → CDN adds value.

安全使用建议
This skill is a coherent, text-only CDN playbook — it won't install code or request secrets by itself. Before using it: (1) don't paste API keys or secret tokens into public chats; the docs include example env vars (e.g., $CF_TOKEN, $BUNNY_API_KEY) that you must keep private and provide only to trusted tooling. (2) Many examples assume CLIs (curl, aws, fastly) and privileged actions (iptables); run those commands yourself on the appropriate host rather than letting an agent execute them autonomously. (3) The skill's firewall/iptables examples and origin-protection steps can block traffic if applied incorrectly — validate commands in a safe environment. If you plan to let an agent act with your provider credentials, limit its scope (least privilege) and audit any API calls.
功能分析
Type: OpenClaw Skill Name: cdn Version: 1.0.1 The skill bundle provides comprehensive documentation and examples for CDN management, including `curl` commands interacting with CDN APIs using environment variables (e.g., `$CF_TOKEN`, `$BUNNY_API_KEY`) and `iptables` commands for firewall configuration in `providers.md` and `security.md`. While these commands are legitimate for system administration and security hardening, their direct execution by an AI agent without robust input validation, sandboxing, or explicit user confirmation presents a significant vulnerability risk. Specifically, `iptables` can cause denial of service or unintended network changes, and API calls with credentials could be misused if the agent's secret handling is insecure. There is no evidence of intentional malicious behavior, but the presence of these high-risk capabilities warrants a 'suspicious' classification due to potential for exploitation if the agent's execution environment is not adequately secured.
能力评估
Purpose & Capability
The name/description align with the files (caching, providers, security, troubleshooting). Minor inconsistency: the registry metadata lists no required binaries or env vars, yet the docs include examples using provider CLIs and env vars (e.g., $CF_TOKEN, $BUNNY_API_KEY, aws CLI). This is expected for a CDN guide, but the skill does not declare those prerequisites.
Instruction Scope
SKILL.md and associated files stay within CDN setup, optimization, and debugging. They include executable examples (curl, aws CLI, iptables, openssl) and show how to use API tokens and secret headers. The docs do not instruct wide-ranging data collection or exfiltration, but several examples assume the agent or user will run privileged commands (iptables) or use API keys — actions that have side effects and require care.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk or downloaded by the skill itself, which is the lowest-risk install profile.
Credentials
The skill declares no required credentials, which is proportional. However example snippets reference provider tokens and CLI usage ($CF_TOKEN, $BUNNY_API_KEY, aws CLI). This is appropriate for real-world CDN tasks but means the user/agent will need to supply credentials externally if they follow those examples — the skill itself does not request or store them.
Persistence & Privilege
always is false and the skill is user-invocable. As an instruction-only skill it does not request persistent presence or modify other skills or global agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install cdn
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /cdn 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Add providers, security, caching, troubleshooting guides
v1.0.0
Initial release
元数据
Slug cdn
版本 1.0.1
许可证
累计安装 4
当前安装数 4
历史版本数 2
常见问题

CDN 是什么?

Configure, optimize, and troubleshoot CDN deployments with caching strategies, security hardening, and multi-provider management. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 839 次。

如何安装 CDN?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cdn」即可一键安装,无需额外配置。

CDN 是免费的吗?

是的,CDN 完全免费(开源免费),可自由下载、安装和使用。

CDN 支持哪些平台?

CDN 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 CDN?

由 Iván(@ivangdavila)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论