skills$openclaw/cloudflare

4.7k★

cloudflare – OpenClaw Skill

Name: cloudflare
Author: stopmoclay

cloudflare is an OpenClaw Skills integration for coding workflows. Connect to Cloudflare API for DNS management, tunnels, and zone administration. Use when user needs to manage domains, DNS records, or create tunnels.

4.7k stars4.7k forksSecurity L1

Updated Feb 7, 2026Created Feb 7, 2026coding

Skill Snapshot

name	cloudflare
description	Connect to Cloudflare API for DNS management, tunnels, and zone administration. Use when user needs to manage domains, DNS records, or create tunnels. OpenClaw Skills integration.
owner	stopmoclay
repository	stopmoclay/cloudflare-api
language	Markdown
license	MIT
topics
security	L1
install	openclaw add @stopmoclay/cloudflare-api
last updated	Feb 7, 2026

Maintainer

stopmoclay

Maintains cloudflare in the OpenClaw Skills directory.

View GitHub profile

File Explorer

21 files

examples

config-snippet.json

497 B

scripts

dns

create.sh

2.2 KB

delete.sh

2.0 KB

list.sh

2.0 KB

update.sh

2.4 KB

tunnels

configure.sh

2.1 KB

create.sh

1.7 KB

delete.sh

1.6 KB

list.sh

2.0 KB

token.sh

1.7 KB

zones

get.sh

1.4 KB

list.sh

1.5 KB

_lib.sh

1.9 KB

setup.sh

1.9 KB

_meta.json

284 B

SKILL.md

3.8 KB

SKILL.md

name: cloudflare description: Connect to Cloudflare API for DNS management, tunnels, and zone administration. Use when user needs to manage domains, DNS records, or create tunnels. read_when:

User asks about Cloudflare DNS or domains
User wants to create or manage DNS records
User needs to set up Cloudflare tunnels
User wants to list their Cloudflare zones metadata: clawdbot: emoji: "☁️" requires: bins: ["curl", "jq"]

Cloudflare Skill

Connect to Cloudflare API for DNS management, tunnels, and zone administration.

Setup

1. Get Your API Token

Go to dash.cloudflare.com/profile/api-tokens
Create a token with required permissions:
- Zone:Read - List domains
- DNS:Edit - Manage DNS records
- Account:Cloudflare Tunnel:Edit - Manage tunnels
Copy the token

2. Configure

# Option A: Store in file (recommended)
echo "YOUR_API_TOKEN" > ~/.cloudflare_token
chmod 600 ~/.cloudflare_token

# Option B: Environment variable
export CLOUDFLARE_API_TOKEN="YOUR_API_TOKEN"

3. Test Connection

./scripts/setup.sh

Commands

Zones (Domains)

./scripts/zones/list.sh                    # List all zones
./scripts/zones/list.sh --json             # JSON output
./scripts/zones/get.sh example.com         # Get zone details

DNS Records

# List records
./scripts/dns/list.sh example.com
./scripts/dns/list.sh example.com --type A
./scripts/dns/list.sh example.com --name api

# Create record
./scripts/dns/create.sh example.com \
  --type A \
  --name api \
  --content 1.2.3.4 \
  --proxied

# Create CNAME
./scripts/dns/create.sh example.com \
  --type CNAME \
  --name www \
  --content example.com \
  --proxied

# Update record
./scripts/dns/update.sh example.com \
  --name api \
  --type A \
  --content 5.6.7.8

# Delete record
./scripts/dns/delete.sh example.com --name api --type A

Tunnels

# List tunnels
./scripts/tunnels/list.sh

# Create tunnel
./scripts/tunnels/create.sh my-tunnel

# Configure tunnel ingress
./scripts/tunnels/configure.sh my-tunnel \
  --hostname app.example.com \
  --service http://localhost:3000

# Get run token
./scripts/tunnels/token.sh my-tunnel

# Delete tunnel
./scripts/tunnels/delete.sh my-tunnel

Token Permissions

Feature	Required Permission
List zones	Zone:Read
Manage DNS	DNS:Edit
Manage tunnels	Account:Cloudflare Tunnel:Edit

Create token at: dash.cloudflare.com/profile/api-tokens

Common Workflows

Point subdomain to server

./scripts/dns/create.sh mysite.com --type A --name api --content 1.2.3.4 --proxied

Set up tunnel for local service

# 1. Create tunnel
./scripts/tunnels/create.sh webhook-tunnel

# 2. Configure ingress
./scripts/tunnels/configure.sh webhook-tunnel \
  --hostname hook.mysite.com \
  --service http://localhost:8080

# 3. Add DNS record
TUNNEL_ID=$(./scripts/tunnels/list.sh --name webhook-tunnel --quiet)
./scripts/dns/create.sh mysite.com \
  --type CNAME \
  --name hook \
  --content ${TUNNEL_ID}.cfargotunnel.com \
  --proxied

# 4. Run tunnel
TOKEN=$(./scripts/tunnels/token.sh webhook-tunnel)
cloudflared tunnel run --token $TOKEN

Output Formats

Flag	Description
`--json`	Raw JSON from API
`--table`	Formatted table (default)
`--quiet`	Minimal output (IDs only)

Troubleshooting

Error	Solution
"No API token found"	Run setup or set CLOUDFLARE_API_TOKEN
"401 Unauthorized"	Check token is valid
"403 Forbidden"	Token missing required permission
"Zone not found"	Verify domain is in your account

README.md

No README available.

Permissions & Security

Security level L1: Low-risk skills with minimal permissions. Review inputs and outputs before running in production.

| Feature | Required Permission | |---------|-------------------| | List zones | Zone:Read | | Manage DNS | DNS:Edit | | Manage tunnels | Account:Cloudflare Tunnel:Edit | Create token at: [dash.cloudflare.com/profile/api-tokens](https://dash.cloudflare.com/profile/api-tokens) ---

Requirements

OpenClaw CLI installed and configured.
Language: Markdown
License: MIT
Topics:

Configuration

./scripts/tunnels/configure.sh my-tunnel \ --hostname app.example.com \ --service http://localhost:3000

FAQ

How do I install cloudflare?

Run openclaw add @stopmoclay/cloudflare-api in your terminal. This installs cloudflare into your OpenClaw Skills catalog.

Does this skill run locally or in the cloud?

OpenClaw Skills execute locally by default. Review the SKILL.md and permissions before running any skill.

Where can I verify the source code?

The source repository is available at https://github.com/openclaw/skills/tree/main/skills/stopmoclay/cloudflare-api. Review commits and README documentation before installing.