← 返回 Skills 市场
lucassynnott

Cloudflare API

作者 Lucas Synnott · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
2810
总下载
3
收藏
15
当前安装
1
版本数
在 OpenClaw 中安装
/install cloudflare-api
功能描述
Connect to Cloudflare API for DNS management, tunnels, and zone administration. Use when user needs to manage domains, DNS records, or create tunnels.
使用说明 (SKILL.md)

Cloudflare Skill

Connect to Cloudflare API for DNS management, tunnels, and zone administration.

Setup

1. Get Your API Token

  1. Go to dash.cloudflare.com/profile/api-tokens
  2. Create a token with required permissions:
    • Zone:Read - List domains
    • DNS:Edit - Manage DNS records
    • Account:Cloudflare Tunnel:Edit - Manage tunnels
  3. Copy the token

2. Configure

# Option A: Store in file (recommended)
echo "YOUR_API_TOKEN" > ~/.cloudflare_token
chmod 600 ~/.cloudflare_token

# Option B: Environment variable
export CLOUDFLARE_API_TOKEN="YOUR_API_TOKEN"

3. Test Connection

./scripts/setup.sh

Commands

Zones (Domains)

./scripts/zones/list.sh                    # List all zones
./scripts/zones/list.sh --json             # JSON output
./scripts/zones/get.sh example.com         # Get zone details

DNS Records

# List records
./scripts/dns/list.sh example.com
./scripts/dns/list.sh example.com --type A
./scripts/dns/list.sh example.com --name api

# Create record
./scripts/dns/create.sh example.com \
  --type A \
  --name api \
  --content 1.2.3.4 \
  --proxied

# Create CNAME
./scripts/dns/create.sh example.com \
  --type CNAME \
  --name www \
  --content example.com \
  --proxied

# Update record
./scripts/dns/update.sh example.com \
  --name api \
  --type A \
  --content 5.6.7.8

# Delete record
./scripts/dns/delete.sh example.com --name api --type A

Tunnels

# List tunnels
./scripts/tunnels/list.sh

# Create tunnel
./scripts/tunnels/create.sh my-tunnel

# Configure tunnel ingress
./scripts/tunnels/configure.sh my-tunnel \
  --hostname app.example.com \
  --service http://localhost:3000

# Get run token
./scripts/tunnels/token.sh my-tunnel

# Delete tunnel
./scripts/tunnels/delete.sh my-tunnel

Token Permissions

Feature Required Permission
List zones Zone:Read
Manage DNS DNS:Edit
Manage tunnels Account:Cloudflare Tunnel:Edit

Create token at: dash.cloudflare.com/profile/api-tokens

Common Workflows

Point subdomain to server

./scripts/dns/create.sh mysite.com --type A --name api --content 1.2.3.4 --proxied

Set up tunnel for local service

# 1. Create tunnel
./scripts/tunnels/create.sh webhook-tunnel

# 2. Configure ingress
./scripts/tunnels/configure.sh webhook-tunnel \
  --hostname hook.mysite.com \
  --service http://localhost:8080

# 3. Add DNS record
TUNNEL_ID=$(./scripts/tunnels/list.sh --name webhook-tunnel --quiet)
./scripts/dns/create.sh mysite.com \
  --type CNAME \
  --name hook \
  --content ${TUNNEL_ID}.cfargotunnel.com \
  --proxied

# 4. Run tunnel
TOKEN=$(./scripts/tunnels/token.sh webhook-tunnel)
cloudflared tunnel run --token $TOKEN

Output Formats

Flag Description
--json Raw JSON from API
--table Formatted table (default)
--quiet Minimal output (IDs only)

Troubleshooting

Error Solution
"No API token found" Run setup or set CLOUDFLARE_API_TOKEN
"401 Unauthorized" Check token is valid
"403 Forbidden" Token missing required permission
"Zone not found" Verify domain is in your account
安全使用建议
What to consider before installing: - This package is a local script-based Cloudflare client. It needs your Cloudflare API token (either in CLOUDFLARE_API_TOKEN or stored at ~/.cloudflare_token). The registry metadata did not declare this — treat that omission as a red flag. - The skill also calls openssl (to generate a secret) and the README mentions running cloudflared; make sure those binaries exist and that you understand what they will execute. The metadata only lists curl and jq, so openssl/cloudflared are undeclared dependencies. - Only provide a token scoped to the minimum permissions needed (Zone:Read, DNS:Edit, Account:Cloudflare Tunnel:Edit) and avoid using an account-level or global API key. Prefer creating a limited API token in the Cloudflare dashboard. - Inspect the scripts locally before running them (they are included in the package). Confirm they only call api.cloudflare.com and do not exfiltrate data elsewhere — in this case the scripts call only Cloudflare endpoints. - Store the token securely (file with chmod 600 or environment variable managed by your secrets tooling). If you have any doubt about the author/source, do not provide credentials and run the scripts in an isolated environment. If the publisher fixes the metadata to declare the token and openssl/cloudflared requirements and you review the scripts yourself, the skill is coherent for its intended purpose. Until then, proceed cautiously.
功能分析
Type: OpenClaw Skill Name: cloudflare-api Version: 1.0.0 The OpenClaw AgentSkills skill bundle for Cloudflare API management is benign. It provides legitimate functionality for managing Cloudflare DNS, zones, and tunnels. API tokens are handled securely by reading from environment variables or a protected file (`~/.cloudflare_token`) and are only used for authenticated requests to the official Cloudflare API (`https://api.cloudflare.com`). The `SKILL.md` file contains clear instructions for the user and does not exhibit any prompt injection attempts against the agent. All scripts (`scripts/*.sh`) use standard tools like `curl`, `jq`, and `openssl` in a safe and expected manner, without any signs of data exfiltration, malicious execution, persistence mechanisms, or obfuscation.
能力评估
Purpose & Capability
The name/description match the included scripts: they call the Cloudflare API to list zones, manage DNS records, and manage tunnels. Declared required binaries (curl, jq) are appropriate. However, scripts also call openssl (to generate a tunnel secret) and the README references cloudflared for running tunnels; openssl and cloudflared are not declared as required binaries. The capability set itself is consistent with the stated purpose.
Instruction Scope
SKILL.md instructs storing an API token in ~/.cloudflare_token or in CLOUDFLARE_API_TOKEN and to run ./scripts/setup.sh; the scripts indeed read ~/.cloudflare_token and the environment variable. The instructions and scripts do not try to read unrelated system files or contact endpoints outside Cloudflare's API, which is good. The concern is the SKILL.md and package metadata disagree on what credentials/config are required (see environment_proportionality).
Install Mechanism
There is no install spec (instruction-only style) and no remote downloads; all code is included in the bundle. That keeps install risk low. No extracted archives or external installers are used. Note: because scripts run commands (openssl, cloudflared), the runtime must have those binaries and the skill will rely on them when executed.
Credentials
The scripts require a Cloudflare API token (read from CLOUDFLARE_API_TOKEN or ~/.cloudflare_token) and SKILL.md describes required token scopes (Zone:Read, DNS:Edit, Account:Cloudflare Tunnel:Edit). But the registry metadata lists no required environment variables and no primary credential — a clear mismatch. The requested permissions are appropriate for the task (not excessive), but the metadata omission is misleading and could cause users to accidentally provide a high-privilege token without realizing it.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or agent-wide configuration. It reads a token file from the user's home and uses it to call Cloudflare APIs — expected behavior for this functionality.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install cloudflare-api
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /cloudflare-api 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release - DNS management, tunnels, and zone administration
元数据
Slug cloudflare-api
版本 1.0.0
许可证
累计安装 15
当前安装数 15
历史版本数 1
常见问题

Cloudflare API 是什么?

Connect to Cloudflare API for DNS management, tunnels, and zone administration. Use when user needs to manage domains, DNS records, or create tunnels. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2810 次。

如何安装 Cloudflare API?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cloudflare-api」即可一键安装,无需额外配置。

Cloudflare API 是免费的吗?

是的,Cloudflare API 完全免费(开源免费),可自由下载、安装和使用。

Cloudflare API 支持哪些平台?

Cloudflare API 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Cloudflare API?

由 Lucas Synnott(@lucassynnott)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论