← 返回 Skills 市场
ystemsrx

CF Share

作者 Sixteen · GitHub ↗ · v0.1.6 · MIT-0
cross-platform ⚠ suspicious
737
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install cfshare
功能描述
Use the cfshare CLI to expose local ports/files as temporary Cloudflare Quick Tunnel URLs. Trigger when a user needs a temporary public URL for a local servi...
使用说明 (SKILL.md)

\r \r

CFShare CLI Skill\r

\r cfshare wraps Cloudflare Quick Tunnel and outputs structured JSON.\r \r

Install when version checks fail\r

\r If either command fails, install missing binaries before running any cfshare tool.\r \r

cfshare --version\r
cloudflared --version\r
```\r
\r
1. If `cfshare --version` fails, install `cfshare` (requires Node.js and npm):\r
\r
```bash\r
npm install -g @ystemsrx/cfshare\r
```\r
\r
2. If `cloudflared --version` fails, install `cloudflared` by platform:\r
\r
macOS:\r
\r
```bash\r
brew install cloudflare/cloudflare/cloudflared\r
```\r
\r
Debian/Ubuntu:\r
\r
```bash\r
curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null\r
echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list\r
sudo apt-get update && sudo apt-get install -y cloudflared\r
```\r
\r
Windows (PowerShell):\r
\r
```powershell\r
winget install --id Cloudflare.cloudflared\r
```\r
\r
WSL/Linux generic binary install:\r
\r
```bash\r
curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared\r
sudo chmod +x /usr/local/bin/cloudflared\r
```\r
\r
3. Re-run both version checks. If still failing, stop and report exact stderr output to user.\r
\r
## CLI contract\r
\r
```bash\r
cfshare \x3Ctool> [params-json] [options]\r
```\r
\r
Supported tools:\r
\r
- `env_check`\r
- `expose_port`\r
- `expose_files`\r
- `exposure_list`\r
- `exposure_get`\r
- `exposure_stop`\r
- `exposure_logs`\r
- `maintenance`\r
- `audit_query`\r
- `audit_export`\r
\r
Global options:\r
\r
- `--params '\x3Cjson>'` or `--params-file \x3Cpath>`\r
- `--config '\x3Cjson>'` or `--config-file \x3Cpath>`\r
- `--workspace-dir \x3Cdir>` (only used by `expose_files`)\r
- `--keep-alive` (for `expose_*`, keep foreground process alive)\r
- `--no-keep-alive` (default for `expose_*`, print result then exit)\r
- `--compact`\r
\r
Command names accept `_` and `-` (for example `expose-port` == `expose_port`).\r
\r
## Standard workflow for agents\r
\r
1. Run `env_check` first.\r
2. Create exposure with `expose_port` or `expose_files`.\r
3. Return `public_url` and `expires_at` to user immediately.\r
4. By default, `expose_*` prints result and exits.\r
5. Use `--keep-alive` only when foreground lifecycle control is needed; stop with `Ctrl+C` when done.\r
\r
Recommended for stable automation:\r
\r
- Prefer `--params`/`--params-file` over positional raw JSON to reduce quoting errors.\r
- Prefer `access: "token"` for sensitive content.\r
- Treat `access: "none"` as publicly readable by anyone with link.\r
\r
## Tool usage\r
\r
### 1) env_check\r
\r
```bash\r
cfshare env_check\r
```\r
\r
Returns:\r
\r
- `cloudflared.ok/path/version`\r
- `defaults` (effective policy + runtime paths)\r
- `warnings`\r
\r
### 2) expose_port\r
\r
```bash\r
cfshare expose_port --params '{"port":3000,"opts":{"access":"token","ttl_seconds":3600}}'\r
```\r
\r
Params:\r
\r
- `port`: `1..65535`\r
- `opts.ttl_seconds`\r
- `opts.access`: `token | basic | none`\r
- `opts.protect_origin`: default `access != "none"`\r
- `opts.allowlist_paths`: path prefix allowlist for reverse proxy\r
\r
Returns:\r
\r
- `id`\r
- `public_url` (token mode auto-appends `?token=...`)\r
- `local_url`\r
- `expires_at`\r
- `access_info` (secrets are masked)\r
\r
### 3) expose_files\r
\r
```bash\r
cfshare expose_files --params '{"paths":["./dist"],"opts":{"mode":"normal","presentation":"preview","access":"none"}}'\r
```\r
\r
Params:\r
\r
- `paths`: files/directories to copy into temp workspace\r
- `opts.mode`: `normal | zip` (default `normal`)\r
- `opts.presentation`: `download | preview | raw` (default `download`)\r
- `opts.ttl_seconds`\r
- `opts.access`: `token | basic | none`\r
- `opts.max_downloads`: auto-stop after threshold\r
\r
File Serving Behavior:\r
\r
Mode: normal\r
\r
- Single file → served directly at the root URL.\r
- Multiple files or a directory → displayed in an intuitive file explorer interface.\r
\r
Mode: zip\r
\r
- All files are packaged into a ZIP archive.\r
\r
Presentation:\r
\r
- Default behaviors: download | preview | raw\r
- Behavior can be overridden via query parameters.\r
  - download → forces browser file save.\r
  - preview → renders inline (images, PDF, Markdown, audio/video, HTML, text, etc.).\r
  - raw → serves original content without any wrapper.\r
- If a file type is not previewable, preview automatically falls back to raw, then to download.\r
\r
Returns:\r
\r
- `id`, `public_url`, `expires_at`, `mode`, `presentation`\r
- `manifest`, `manifest_mode`, `manifest_meta`\r
\r
### 4) exposure_list\r
\r
```bash\r
cfshare exposure_list\r
```\r
\r
Lists tracked sessions with `id/type/status/public_url/local_url/expires_at`.\r
\r
### 5) exposure_get\r
\r
```bash\r
cfshare exposure_get --params '{"id":"port_xxx","opts":{"probe_public":true}}'\r
cfshare exposure_get --params '{"filter":{"status":"running"},"fields":["id","status","public_url"]}'\r
```\r
\r
Supports selector by `id`, `ids`, or `filter`.\r
Can probe public reachability via `opts.probe_public`.\r
\r
### 6) exposure_stop\r
\r
```bash\r
cfshare exposure_stop --params '{"id":"all"}'\r
```\r
\r
Stops tunnel/proxy/origin and removes temporary workspace.\r
Returns `{stopped, failed, cleaned}`.\r
\r
### 7) exposure_logs\r
\r
```bash\r
cfshare exposure_logs --params '{"id":"files_xxx","opts":{"component":"all","lines":200}}'\r
```\r
\r
`component`: `tunnel | origin | all`.\r
\r
### 8) maintenance\r
\r
```bash\r
cfshare maintenance --params '{"action":"run_gc"}'\r
cfshare maintenance --params '{"action":"set_policy","opts":{"policy":{"maxTtlSeconds":7200},"ignore_patterns":["*.pem",".env*"]}}'\r
```\r
\r
Actions:\r
\r
- `start_guard`\r
- `run_gc`\r
- `set_policy` (requires `opts.policy` or `opts.ignore_patterns`)\r
\r
### 9) audit_query\r
\r
```bash\r
cfshare audit_query --params '{"filters":{"event":"exposure_started","limit":100}}'\r
```\r
\r
### 10) audit_export\r
\r
```bash\r
cfshare audit_export --params '{"range":{"from_ts":"2026-01-01T00:00:00Z","output_path":"./audit.jsonl"}}'\r
```\r
\r
## Runtime files (CLI mode)\r
\r
Default CLI state directory is `~/.cfshare`:\r
\r
- `policy.json`\r
- `policy.ignore`\r
- `audit.jsonl`\r
- `sessions.json`\r
- `workspaces/`\r
- `exports/`\r
\r
## Important limitations in CLI mode\r
\r
- `expose_port` and `expose_files` exit by default after printing result; use `--keep-alive` to hold foreground.\r
- Current session registry is in-process memory; separate `cfshare` invocations do not restore full live session state.\r
- `basic` mode credentials are masked in outputs, so `token` is usually the practical authenticated mode for agent-delivered links.\r
\r
## Troubleshooting\r
\r
- `cloudflared binary not found`: install `cloudflared` or set `--config '{"cloudflaredPath":"..."}'`\r
- `local service is not reachable on 127.0.0.1:\x3Cport>`: start service first\r
- `path blocked by ignore policy`: adjust `policy.ignore` or `maintenance set_policy`\r
- `port blocked by policy`: update `blockedPorts` in policy if intentional\r
\r
Use `CFSHARE_LOG_LEVEL=info` or `CFSHARE_LOG_LEVEL=debug` for more stderr logs.\r
安全使用建议
This skill appears to do what it advertises (create temporary public URLs) but you should verify a few things before installing or running it: 1) Confirm the npm package (@ystemsrx/cfshare) and its source repository are legitimate and review its install scripts — npm -g can run arbitrary code. 2) Check the cloudflared binary source (the SKILL.md references official Cloudflare repos and GitHub releases; prefer package manager installs or signed releases). 3) Clarify whether you need a Cloudflare account or service credentials (the SKILL.md is silent on account credentials but exposes token/basic access modes). 4) Remember that exposing files/ports can leak sensitive data — test with non-sensitive files and use token access where possible. 5) If you need higher assurance, run the installs in a sandbox or VM, and inspect the installed cfshare package contents and the output of cfshare env_check before exposing anything important.
功能分析
Type: OpenClaw Skill Name: cfshare Version: 0.1.6 The skill provides high-risk capabilities for exposing local ports and files to the public internet via Cloudflare Quick Tunnels. It includes instructions for the agent to perform system-level installations of a specific third-party npm package (@ystemsrx/cfshare) and download binaries via curl. While the skill includes some security features like a policy ignore list (e.g., for .env files), the inherent risk of automated internet exposure of local resources and the requirement to install external, user-controlled software make it suspicious. (Files: SKILL.md, _meta.json)
能力评估
Purpose & Capability
Name/description (expose local ports/files via Cloudflare Quick Tunnel) align with the instructions: it calls cfshare and cloudflared, supports exposing ports/files, listing/stopping exposures, and exporting audit state. The declared required binaries in metadata (cfshare, cloudflared) match runtime checks.
Instruction Scope
SKILL.md stays within the stated purpose: it instructs running env_check, creating exposures, copying paths into a temporary workspace, and returning public_url/expires_at. It explicitly exposes user files/ports publicly (or with token/basic access) — this is expected but high-risk from a privacy perspective. It does not instruct reading unrelated system files or environment variables, though it references 'defaults' and 'runtime paths' which may cause the tool to read local config/policy files.
Install Mechanism
No install spec in the skill bundle (instruction-only). The SKILL.md recommends installing cfshare via npm -g and cloudflared via brew/apt/winget or a GitHub release binary. Those sources are common but carry moderate risk: npm packages run install scripts and can execute arbitrary code, and curl to download/extract binaries executes network-fetched code. Verify package provenance and signatures before installing.
Credentials
The skill declares no required environment variables or credentials, but it provides access modes (token/basic/none) and mentions masked access_info. It's unclear whether Cloudflare account credentials or cloudflared secrets (if any) are needed or how tokens are generated/managed. The lack of explicit mention of required Cloudflare credentials is an omission worth clarifying.
Persistence & Privilege
always:false and no install artifacts in the skill bundle. The skill may advise running cfshare with --keep-alive for foreground lifecycle but does not request permanent agent presence or modification of other skills/config. No evidence of elevated or persistent privileges requested by the skill manifest itself.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install cfshare
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /cfshare 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.6
- Removed the "allowed-tools" field from the skill manifest for improved compatibility. - No functional or CLI changes made in this release.
v0.1.5
- Major update: cfshare now uses a dedicated CLI wrapper instead of direct Cloudflare Quick Tunnel invocation. - Updated all commands and examples to use the new cfshare CLI (`cfshare <tool> [options]`) with structured JSON out. - Clarified installation instructions for both cfshare and cloudflared, with platform-specific guidance. - Expanded tool explanations and provided full CLI usage details for each cfshare command. - Documented recommended agent workflows, troubleshooting steps, limitations in CLI mode, and paths for all runtime files. - Most behaviors from prior version are retained but now reference cfshare CLI usage and options directly.
v0.1.0
Initial release of cfshare – easily share or preview local services and files via secure temporary HTTPS links using Cloudflare Quick Tunnel.
元数据
Slug cfshare
版本 0.1.6
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

CF Share 是什么?

Use the cfshare CLI to expose local ports/files as temporary Cloudflare Quick Tunnel URLs. Trigger when a user needs a temporary public URL for a local servi... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 737 次。

如何安装 CF Share?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cfshare」即可一键安装,无需额外配置。

CF Share 是免费的吗?

是的,CF Share 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

CF Share 支持哪些平台?

CF Share 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 CF Share?

由 Sixteen(@ystemsrx)开发并维护,当前版本 v0.1.6。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论