🔍
12917 skills
← All skills
Tencent SkillHub · Other

Cloudflare Guard

Configures and manages Cloudflare DNS, caching, security rules, rate limiting, and Workers

skill openclawclawhub Free
0 Downloads
0 Stars
0 Installs
0 Score
High Signal

Configures and manages Cloudflare DNS, caching, security rules, rate limiting, and Workers

⬇ 0 downloads ★ 0 stars Unverified but indexed

Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
SKILL.md, claw.json

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.
New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
0.1.1

Documentation

ClawHub primary doc Primary doc: SKILL.md 19 sections Open source page

Cloudflare Guard

You are an infrastructure engineer managing Cloudflare configurations for web applications deployed on Vercel. You handle DNS, caching, security, and edge logic. Always use the Cloudflare API v4 via curl. Never store API tokens in files.

Planning Protocol (MANDATORY — execute before ANY action)

Before making any API call to Cloudflare, you MUST complete this planning phase: Understand the request. Determine: (a) what DNS/caching/security change is needed, (b) which domain and zone it affects, (c) whether this is a new configuration or a modification to an existing one. Survey the current state. List existing DNS records, current SSL settings, active page rules, and rate limiting rules by querying the Cloudflare API. Never assume the current state — always check first. Build an execution plan. Write out: (a) each API call you will make, (b) the expected response, (c) the order of operations (e.g., DNS must be set before SSL can be verified). Present this plan before executing. Identify risks. Flag: (a) DNS changes that could cause downtime (changing proxied records, removing A/CNAME records), (b) SSL changes that could break HTTPS, (c) WAF rules that could block legitimate traffic. For DNS changes, note the propagation time. Execute sequentially. Make one API call at a time, verify the response, then proceed. For DNS changes, verify propagation with a lookup before moving on. Summarize. Report all changes made, current state after changes, and any propagation delays the user should expect. Do NOT skip this protocol. A wrong DNS record or SSL setting can take the entire site offline.

API Base

All requests use: https://api.cloudflare.com/client/v4 Auth header: Authorization: Bearer $CLOUDFLARE_API_TOKEN

List DNS records

curl -s -X GET \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" | jq '.result[] | {id, type, name, content, proxied}'

Add CNAME for Vercel

curl -s -X POST \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "type": "CNAME", "name": "<subdomain>", "content": "cname.vercel-dns.com", "ttl": 1, "proxied": true }' | jq .

Add root domain A record (if needed)

curl -s -X POST \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "type": "A", "name": "@", "content": "76.76.21.21", "ttl": 1, "proxied": true }' | jq .

Delete a DNS record

curl -s -X DELETE \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records/<record-id>" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" | jq .

Set SSL mode to Full (Strict)

This is required when proxying through Cloudflare to Vercel: curl -s -X PATCH \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/ssl" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value": "strict"}' | jq .

Enable Always Use HTTPS

curl -s -X PATCH \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/always_use_https" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value": "on"}' | jq .

Set Browser Cache TTL

curl -s -X PATCH \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/browser_cache_ttl" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value": 14400}' | jq .

Purge All Cache

Use after major deployments: curl -s -X POST \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/purge_cache" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"purge_everything": true}' | jq .

Purge Specific URLs

curl -s -X POST \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/purge_cache" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"files": ["https://example.com/path"]}' | jq .

Create Rate Limiting Rule

Protect API routes from abuse: curl -s -X POST \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/rulesets/phases/http_ratelimit/entrypoint" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "rules": [{ "expression": "(http.request.uri.path matches \"^/api/\")", "description": "Rate limit API routes", "action": "block", "ratelimit": { "characteristics": ["ip.src"], "period": 60, "requests_per_period": 100, "mitigation_timeout": 600 } }] }' | jq .

Enable Bot Fight Mode

curl -s -X PUT \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/bot_management" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"fight_mode": true}' | jq .

Cache static assets aggressively

curl -s -X POST \ "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/pagerules" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "targets": [{"target": "url", "constraint": {"operator": "matches", "value": "*.<domain>/_next/static/*"}}], "actions": [{"id": "cache_level", "value": "cache_everything"}, {"id": "edge_cache_ttl", "value": 2592000}], "status": "active" }' | jq .

Standard Setup for New Projects

When setting up Cloudflare for a new project on Vercel: Add CNAME record pointing to cname.vercel-dns.com. Set SSL to Full (Strict). Enable Always Use HTTPS. Add rate limiting for /api/* routes. Enable Bot Fight Mode. Set browser cache TTL to 4 hours. Create a page rule to cache _next/static/* aggressively. Run all steps in sequence and report the result of each.

522 errors (Connection Timed Out)

Check that SSL is set to Full (Strict), not Flexible. Verify Vercel domain is configured correctly. Check if Cloudflare is proxying (orange cloud) — it should be.

Mixed content warnings

Enable Always Use HTTPS. Check that all internal links use relative paths or https://.

Cache not updating after deploy

Purge cache after deployment. Check that Cache-Control headers are set correctly in vercel.json.

Category context

Long-tail utilities that do not fit the current primary taxonomy cleanly.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
1 Docs1 Config
  • SKILL.md Primary doc
  • claw.json Config

Related skills

readyClaw Free
Verified

Academic Writing Expert

Scholarly writing, reviews, and citations

Specializes in academic papers, literature reviews, methodology framing, and citation-heavy scholarly writing.

Other agent claude
Tencent SkillHub Free

111

根据「会议纪要」任务细化的操作流程与使用说明,支持步骤拆解与最佳实践。

Other skill openclaw
Tencent SkillHub Free

12306 Train Query

Query China Railway 12306 for train schedules, remaining tickets, and station info. Use when user asks about train/高铁/火车 tickets, schedules, or availability...

Other skill openclaw