← 返回 Skills 市场
1051
总下载
2
收藏
6
当前安装
1
版本数
在 OpenClaw 中安装
/install flaresolverr
功能描述
Bypass Cloudflare protection by routing requests through FlareSolverr’s browser API, handling challenges and returning page content, cookies, and headers.
使用说明 (SKILL.md)
FlareSolverr — Cloudflare Bypass
Use FlareSolverr to bypass Cloudflare protection when direct curl requests fail with 403 or Cloudflare challenge pages.
Setup
- Run FlareSolverr (Docker recommended):
docker run -d --name flaresolverr -p 8191:8191 ghcr.io/flaresolverr/flaresolverr:latest
- Set the environment variable:
export FLARESOLVERR_URL="http://localhost:8191"
- Verify:
curl -s "$FLARESOLVERR_URL/health" | jq '.'
# Expected: {"status":"ok","version":"3.x.x"}
When to Use
- Direct curl fails with 403 Forbidden
- Cloudflare challenge page appears (JS challenge, captcha, "Checking your browser")
- Bot detection blocks automated requests
- Rate limiting or anti-scraping measures
Workflow
- Try direct curl first (it's faster and simpler)
- If blocked: Use FlareSolverr to get cookies/user-agent
- Reuse session for subsequent requests (optional, for performance)
Basic Usage
Simple GET Request
curl -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com/protected-page",
"maxTimeout": 60000
}' | jq '.'
Response Structure
{
"status": "ok",
"message": "Challenge solved!",
"solution": {
"url": "https://example.com/protected-page",
"status": 200,
"headers": {},
"response": "\x3Chtml>...\x3C/html>",
"cookies": [
{
"name": "cf_clearance",
"value": "...",
"domain": ".example.com"
}
],
"userAgent": "Mozilla/5.0 ..."
},
"startTimestamp": 1234567890,
"endTimestamp": 1234567895,
"version": "3.3.2"
}
Extract Page Content
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com/protected-page"
}' | jq -r '.solution.response'
Extract Cookies
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com"
}' | jq -r '.solution.cookies[] | "\(.name)=\(.value)"'
Session Management
Sessions allow reusing browser context (cookies, user-agent) for multiple requests, improving performance.
Create Session
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{"cmd": "sessions.create"}' | jq -r '.session'
Use Session for Request
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com/page1",
"session": "SESSION_ID"
}' | jq -r '.solution.response'
List Active Sessions
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{"cmd": "sessions.list"}' | jq '.sessions'
Destroy Session
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "sessions.destroy",
"session": "SESSION_ID"
}'
POST Requests
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.post",
"url": "https://example.com/api/endpoint",
"postData": "key1=value1&key2=value2",
"maxTimeout": 60000
}' | jq '.'
For JSON POST data:
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.post",
"url": "https://example.com/api/endpoint",
"postData": "{\"key\":\"value\"}",
"headers": {
"Content-Type": "application/json"
}
}' | jq '.'
Advanced Options
Custom User-Agent
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
}' | jq '.'
Custom Headers
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com",
"headers": {
"Accept-Language": "en-US,en;q=0.9",
"Referer": "https://google.com"
}
}' | jq '.'
Proxy Support
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com",
"proxy": {
"url": "http://proxy.example.com:8080"
}
}' | jq '.'
Download Binary Content
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com/file.pdf",
"download": true
}' | jq -r '.solution.response' | base64 -d > file.pdf
Error Handling
Common Errors
"status": "error": Request failed (checkmessagefield)"status": "timeout": maxTimeout exceeded (increase timeout)"status": "captcha": Manual captcha required (rare, usually auto-solved)
Check Status
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{"cmd": "request.get", "url": "https://example.com"}' | \
jq -r '.status'
Example Workflow
Bypass Cloudflare and Extract Data
# Step 1: Fetch page through FlareSolverr
RESPONSE=$(curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{
"cmd": "request.get",
"url": "https://example.com/protected-page"
}')
# Step 2: Check if successful
STATUS=$(echo "$RESPONSE" | jq -r '.status')
if [ "$STATUS" != "ok" ]; then
echo "Failed: $(echo "$RESPONSE" | jq -r '.message')"
exit 1
fi
# Step 3: Extract and parse HTML
echo "$RESPONSE" | jq -r '.solution.response'
Multi-Page Session
# Create session
SESSION=$(curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d '{"cmd": "sessions.create"}' | jq -r '.session')
# Page 1
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d "{\"cmd\": \"request.get\", \"url\": \"https://example.com/page1\", \"session\": \"$SESSION\"}" | \
jq -r '.solution.response'
# Page 2 (reuses cookies from page 1)
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d "{\"cmd\": \"request.get\", \"url\": \"https://example.com/page2\", \"session\": \"$SESSION\"}" | \
jq -r '.solution.response'
# Cleanup
curl -s -X POST "$FLARESOLVERR_URL/v1" \
-H "Content-Type: application/json" \
-d "{\"cmd\": \"sessions.destroy\", \"session\": \"$SESSION\"}"
Health Check
curl -s "$FLARESOLVERR_URL/health" | jq '.'
Performance Tips
- Use sessions for multiple requests to same domain (reuses cookies/context)
- Increase maxTimeout for slow sites (default: 60000ms)
- Fallback to direct curl when possible (FlareSolverr is slower due to browser overhead)
- Destroy sessions when done to free resources
Limitations
- Slower than direct curl (launches headless browser)
- Resource intensive (limit concurrent requests)
- May not solve all captchas (most Cloudflare challenges work)
- HTML only in response (no client-side JS execution after fetch)
Best Practices
- Always try direct curl first
- Use sessions for multi-page workflows
- Set appropriate maxTimeout (default 60s, increase for slow sites)
- Clean up sessions when done
- Handle errors gracefully (check
statusfield) - Rate limit your requests (don't overwhelm FlareSolverr or target site)
安全使用建议
This skill appears coherent for running and using a FlareSolverr HTTP API. Before installing: prefer running FlareSolverr yourself (the SKILL.md suggests the ghcr.io Docker image) so requests and solved pages stay on your host; do not set FLARESOLVERR_URL to an untrusted public endpoint (that service will see all target URLs, page content, and cookies); consider legal/terms-of-service implications of bypassing protections and respect rate limits; and keep curl/jq available on the agent environment. Autonomy is allowed by default but the skill does not request elevated/system-wide privileges.
功能分析
Type: OpenClaw Skill
Name: flaresolverr
Version: 1.0.0
The skill `flaresolverr` is designed to bypass Cloudflare protection for web scraping, which inherently involves powerful capabilities like making arbitrary network requests to external domains and downloading content to the local filesystem (demonstrated by `base64 -d > file.pdf` in SKILL.md). While these capabilities are necessary for the stated purpose, they represent significant security risks if the AI agent's input is not rigorously sanitized or if the agent is maliciously prompted. There is no explicit evidence of intentional harmful behavior such as data exfiltration, persistence mechanisms, or obfuscation within the provided files, but the broad permissions and potential for abuse classify it as suspicious rather than benign.
能力评估
Purpose & Capability
Name, description, declared binaries (curl, jq), and required env var (FLARESOLVERR_URL) align with using an external FlareSolverr HTTP API. The SKILL.md only documents calling that API and managing sessions/cookies, which is expected for this purpose.
Instruction Scope
Instructions stay within the skill's scope: run FlareSolverr (Docker), set FLARESOLVERR_URL, and POST JSON requests to /v1. The skill makes and extracts page content, cookies, headers and supports proxies/sessions — all reasonable for a bypass/scraping helper. Note: because the skill returns full page content and cookies, using a remote/untrusted FLARESOLVERR_URL would expose requested URLs and page data to that host (privacy/exfiltration risk).
Install Mechanism
Instruction-only skill (no install spec or code). SKILL.md advises running the official ghcr.io/flaresolverr image via docker run — a standard, expected approach and not an arbitrary download URL from an unknown server.
Credentials
Only FLARESOLVERR_URL is required and declared as the primaryEnv, which is proportional. Caution: that single env var controls the service endpoint — pointing it to an untrusted third-party service could leak all requested URLs, page contents, and cookies to that remote operator.
Persistence & Privilege
always:false and no install or persistent configuration changes are requested. The skill does not ask to modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install flaresolverr - 安装完成后,直接呼叫该 Skill 的名称或使用
/flaresolverr触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Cloudflare bypass via FlareSolverr proxy. ENV-based config, session management, GET/POST, proxy support, error handling.
元数据
常见问题
FlareSolverr — Cloudflare Bypass 是什么?
Bypass Cloudflare protection by routing requests through FlareSolverr’s browser API, handling challenges and returning page content, cookies, and headers. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1051 次。
如何安装 FlareSolverr — Cloudflare Bypass?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install flaresolverr」即可一键安装,无需额外配置。
FlareSolverr — Cloudflare Bypass 是免费的吗?
是的,FlareSolverr — Cloudflare Bypass 完全免费(开源免费),可自由下载、安装和使用。
FlareSolverr — Cloudflare Bypass 支持哪些平台?
FlareSolverr — Cloudflare Bypass 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 FlareSolverr — Cloudflare Bypass?
由 Dolverin(@dolverin)开发并维护,当前版本 v1.0.0。
推荐 Skills