功能描述

Query Cloudflare Workers Observability logs via API. Use when the user asks to check logs, debug Workers, look up errors, or investigate Worker/Durable Objec...

使用说明 (SKILL.md)

Query Cloudflare Workers Observability Logs

Name: Cf Workers Logs
Author: adahubble

Query the CF Workers Observability API to retrieve structured logs from any Workers, Durable Objects, Workflows, Queues, and Cron Triggers in your Cloudflare account.

Prerequisites

Set these environment variables (e.g. in your project's .env or shell profile):

CF_OBSERVABILITY_ACCOUNT_ID — your Cloudflare account ID
CF_OBSERVABILITY_API_TOKEN — API token with Workers Observability read permission

API Endpoint

POST https://api.cloudflare.com/client/v4/accounts/{accountId}/workers/observability/telemetry/query
Authorization: Bearer {apiToken}
Content-Type: application/json

Request Body Format

{
  "queryId": "cc-{timestamp}",
  "timeframe": {
    "from": "\x3Cunix_ms_start>",
    "to": "\x3Cunix_ms_end>"
  },
  "view": "events",
  "limit": 50,
  "parameters": {
    "filters": [
      {"key": "\x3Cfield>", "operation": "\x3Cop>", "type": "\x3Ctype>", "value": "\x3Cvalue>"}
    ],
    "filterCombination": "and",
    "calculations": [],
    "groupBys": [],
    "needle": {"value": "\x3Csearch_text>", "isRegex": false, "matchCase": false},
    "limit": 50
  }
}

Filter Operations

String: eq, neq, includes, doesNotInclude, startsWith, regex, exists, doesNotExist
Number: eq, neq, gt, gte, lt, lte, exists, doesNotExist

Standard Fields

Field	Type	Description
`$workers.scriptName`	string	Worker script name
`$workers.outcome`	string	`ok` / `exception`
`$workers.entrypoint`	string	Entrypoint class (Worker, DO, Workflow)
`$workers.eventType`	string	`fetch`, `rpc`, `queue`, `scheduled`, `alarm`
`msg`	string	Log message
`level`	string	Log level (`log`, `info`, `warn`, `error`)
`error`	string	Error message
`status`	number	HTTP status code

Any custom fields logged via console.log({ key: value }) are also queryable as top-level fields.

Full-text Search

Use needle.value for free-text search across all fields. Useful when you don't know which field contains the value.

How to Execute

Use Bash with curl to call the API. Do NOT use WebFetch (it processes through an AI model and loses structure).

Step 1: Read credentials

Read CF_OBSERVABILITY_ACCOUNT_ID and CF_OBSERVABILITY_API_TOKEN from environment variables. If not set in the shell, search for them in project .env files:

grep -r 'CF_OBSERVABILITY_' --include='.env' --include='.env.*' . 2>/dev/null

Step 2: Build and execute query

Construct the curl command based on the user's request. Default time range: last 1 hour. Default limit: 30.

Step 3: Format output

Parse the JSON response and format as a timeline:

{timestamp} [{level}] [{scriptName}/{entrypoint}] {msg}
         {extra fields if present: error=, status=, eventType=}

Events are in result.events.events[]. Each event has:

source: structured log fields (msg, level, plus any custom fields)
$workers: Worker metadata (scriptName, outcome, eventType, entrypoint)
$metadata: system metadata (timestamp, requestId)
timestamp: event timestamp in unix ms

Sort events by timestamp ascending for chronological view.

Common Query Patterns

By Worker name

{"filters": [{"key": "$workers.scriptName", "operation": "eq", "type": "string", "value": "my-worker"}]}

Errors only

{"filters": [{"key": "level", "operation": "eq", "type": "string", "value": "error"}]}

By entrypoint (Durable Object / Workflow class)

{"filters": [{"key": "$workers.entrypoint", "operation": "eq", "type": "string", "value": "MyDurableObject"}]}

By event type (alarm, queue, scheduled, etc.)

{"filters": [{"key": "$workers.eventType", "operation": "eq", "type": "string", "value": "alarm"}]}

Exceptions (Worker crashed)

{"filters": [{"key": "$workers.outcome", "operation": "eq", "type": "string", "value": "exception"}]}

Custom field filter

{"filters": [{"key": "userId", "operation": "eq", "type": "string", "value": "user_123"}]}

Free-text search

{"needle": {"value": "search text here", "isRegex": false, "matchCase": false}}

Combine filters

{
  "filters": [
    {"key": "$workers.scriptName", "operation": "eq", "type": "string", "value": "my-worker"},
    {"key": "level", "operation": "eq", "type": "string", "value": "error"}
  ],
  "filterCombination": "and"
}

Argument Parsing

When invoked as /cf-workers-logs, parse $ARGUMENTS for:

worker=my-worker → filter by $workers.scriptName
level=error → filter by level
entrypoint=MyDO → filter by $workers.entrypoint
event=alarm → filter by $workers.eventType
search=xxx → needle search
\x3Ckey>=\x3Cvalue> → filter by custom field
last=1h / last=30m / last=24h → time range (default: 1h)
limit=N → result limit (default: 30)
No arguments → show recent errors across all Workers (last 1h, level=error)

Multiple arguments can be combined: /cf-workers-logs worker=my-api level=error last=24h

安全使用建议

This skill appears to do what it says (call Cloudflare's Observability API and format logs), but check two things before installing: 1) Token permissions: prefer creating a token with the narrowest scope needed (read-only Observability) — do not give broad 'Edit' permissions unless you understand why they're required. The SKILL.md and README disagree; ask the author or test with a read-only token first. 2) Local file scanning: the skill will look for CF_OBSERVABILITY_* variables in your shell environment then grep `.env`/`.env.*` files in the project directory. Make sure you don't store unrelated secrets in those files and that your repo's .gitignore prevents committing secrets. 3) Operational checks: confirm curl is available in your environment and that you trust sending queries to the official endpoint (https://api.cloudflare.com). If you want extra safety, run the curl command manually with a test token to verify behavior before letting an agent run it autonomously. If you need higher confidence, request clarification from the maintainer about why 'Edit' permission is recommended and ask for an explicit least-privilege token example.

功能分析

Type: OpenClaw Skill Name: cf-workers-logs Version: 1.0.1 The skill is a legitimate tool for querying Cloudflare Workers Observability logs via the official Cloudflare API. It uses standard system utilities like `grep` to locate credentials in local environment files and `curl` to perform API requests, both of which are appropriate for the stated purpose. There is no evidence of data exfiltration to third-party domains, obfuscation, or malicious prompt injection.

能力评估

✓ Purpose & Capability

Name/description match what the skill does: it uses curl and a Cloudflare account ID + API token to call the Cloudflare Observability API. The requested binaries and environment variables are appropriate for this purpose.

ℹ Instruction Scope

Runtime instructions stay focused on building and POSTing queries to the Cloudflare Observability API and formatting results. They also instruct the agent to read shell environment variables and to grep the project directory for `.env` / `.env.*` files for variables named CF_OBSERVABILITY_*. Searching project files for these specific keys is explainable (to find stored credentials) but it does expand the skill's read scope to local project files — users should be aware the skill may scan the repo for credentials.

✓ Install Mechanism

Instruction-only skill with no install spec or downloaded code. This reduces risk because no new binaries or archives are pulled onto disk.

⚠ Credentials

The skill asks only for CF_OBSERVABILITY_ACCOUNT_ID and CF_OBSERVABILITY_API_TOKEN, which is proportionate. However the README and SKILL.md disagree about required token permissions: SKILL.md says a token with Workers Observability read permission, while README tells users to grant 'Edit' permission. Requesting 'Edit' is broader than necessary for read/queries and should be justified or reduced to least privilege.

✓ Persistence & Privilege

The skill is not always-enabled and does not request elevated platform privileges. It does not attempt to modify other skills or system-wide config.

版本历史

v1.0.1

Improve README: add CF token setup guide and detailed usage docs

v1.0.0

Initial release of cf-workers-logs. - Enables querying Cloudflare Workers Observability logs via API. - Supports flexible filtering (script name, error level, entrypoint, event type, custom fields, timeframe, etc.). - Parses arguments like `worker=`, `level=`, `entrypoint=`, `event=`, `search=`, `last=`, and `limit=` for targeted log queries. - Fetches and formats output as a structured timeline of log events. - Requires `CF_OBSERVABILITY_ACCOUNT_ID` and `CF_OBSERVABILITY_API_TOKEN` environment variables.

元数据

Slug cf-workers-logs

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题

Cf Workers Logs 是什么？

Query Cloudflare Workers Observability logs via API. Use when the user asks to check logs, debug Workers, look up errors, or investigate Worker/Durable Objec... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 271 次。

如何安装 Cf Workers Logs？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cf-workers-logs」即可一键安装，无需额外配置。

Cf Workers Logs 是免费的吗？

是的，Cf Workers Logs 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Cf Workers Logs 支持哪些平台？

Cf Workers Logs 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Cf Workers Logs？

由 adaHubble（@adahubble）开发并维护，当前版本 v1.0.1。

Cf Workers Logs