{ "schemaVersion": "1.0", "item": { "slug": "r2-cli", "name": "Cloudflare R2 CLI", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/zororaka00/r2-cli", "canonicalUrl": "https://clawhub.ai/zororaka00/r2-cli", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/r2-cli", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=r2-cli", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "r2.py" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "slug": "r2-cli", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-01T21:29:24.724Z", "expiresAt": "2026-05-08T21:29:24.724Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=r2-cli", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=r2-cli", "contentDisposition": "attachment; filename=\"r2-cli-1.0.6.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "r2-cli" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/r2-cli" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/r2-cli", "agentPageUrl": "https://openagent3.xyz/skills/r2-cli/agent", "manifestUrl": "https://openagent3.xyz/skills/r2-cli/agent.json", "briefUrl": "https://openagent3.xyz/skills/r2-cli/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Skill Metadata", "body": "name: \"r2-cli\"\ndescription: \"A minimal CLI tool for interacting with Cloudflare R2 storage using Python. Supports upload, download, list, and delete operations via S3-compatible API with AWS Signature V4.\"\nversion: \"1.0.6\"\nauthor:\n username: \"@zororaka00\"\n name: \"Web3 Hungry\"\n x_account: \"https://x.com/web3hungry\"\ncategory: \"storage\"\ntags: [\"cloudflare\", \"python\", \"r2\", \"storage\"]\nsource: \"r2.py\"\ncredentials:\n required: true\n type: \"environment\"\n variables:\n - CF_R2_ACCOUNT_ID\n - CF_R2_ACCESS_KEY_ID\n - CF_R2_SECRET_ACCESS_KEY\n - CF_R2_BUCKET\n - CF_R2_REGION\nruntime:\n language: \"python\"\n version: \"3.11+\"\n dependencies:\n - \"defusedxml>=0.7.1\"\n env:\n - name: \"CF_R2_ACCOUNT_ID\"\n required: true\n description: \"Cloudflare account ID\"\n - name: \"CF_R2_ACCESS_KEY_ID\"\n required: true\n description: \"R2 access key ID\"\n - name: \"CF_R2_SECRET_ACCESS_KEY\"\n required: true\n description: \"R2 secret access key\"\n - name: \"CF_R2_BUCKET\"\n required: true\n description: \"R2 bucket name\"\n - name: \"CF_R2_REGION\"\n required: false\n description: \"Region (default: auto)\"\n\nrequired_env_vars:\n - CF_R2_ACCOUNT_ID\n - CF_R2_ACCESS_KEY_ID\n - CF_R2_SECRET_ACCESS_KEY\n - CF_R2_BUCKET\n - CF_R2_REGION\nprimaryEnv: CF_R2_ACCESS_KEY_ID\nprimarySecretEnv: CF_R2_SECRET_ACCESS_KEY" }, { "title": "Overview", "body": "This skill provides a minimal CLI tool for interacting with Cloudflare R2 storage using Python.\nThe script (r2.py) implements upload, download, list, and delete operations via the Cloudflare R2 S3-compatible API.\n\nIt is designed for secure usage in restricted environments with minimal dependencies while following modern security best practices." }, { "title": "Dependencies", "body": "Python 3.11+\nRequires: defusedxml (for secure XML parsing)\n\nThe tool primarily uses the Python standard library. Only defusedxml is required to harden XML parsing against known attacks." }, { "title": "Installation", "body": "No package installation is required for the CLI itself.\n\nIf defusedxml is not already available:\n\npip install defusedxml" }, { "title": "Features", "body": "Upload objects to a bucket\nDownload objects from a bucket\nList objects in a bucket\nDelete objects from a bucket\nAWS Signature V4 compatible authentication (HMAC SHA256)\nSecure credential handling via environment variables\nHardened HTTP client with HTTPS-only enforcement\nSafe XML parsing using defused XML protections" }, { "title": "Prerequisites", "body": "Python 3.11+\nCloudflare account with R2 enabled\nBucket created in Cloudflare R2\nAPI keys with appropriate permissions (least privilege)\nBucket name must be DNS-compliant (lowercase letters, numbers, hyphens, 3–63 characters, no underscores)" }, { "title": "Environment Variables", "body": "VariableDescriptionExampleCF_R2_ACCOUNT_IDCloudflare account ID123e4567-e89b-12d3-a456-426614174000CF_R2_ACCESS_KEY_IDR2 access key IDAKIAxxxxxxxxxxxxCF_R2_SECRET_ACCESS_KEYR2 secret keyxxxxxxxxxxxxxxxxxxxxxxxxCF_R2_BUCKETBucket namemy-r2-bucketCF_R2_REGIONRegion (default: auto)auto\n\nCF_R2_REGION behavior:\n\nauto (default): automatically selects the appropriate region for Cloudflare R2.\nCustom value: you may specify a region string if required by your environment (for example us-east-1 for compatibility scenarios)." }, { "title": "Environment Setup", "body": "This tool reads credentials directly from operating system environment variables.\nSet the variables globally before running the CLI." }, { "title": "Linux / macOS (bash / zsh)", "body": "export CF_R2_ACCOUNT_ID=\"your_account_id\"\nexport CF_R2_ACCESS_KEY_ID=\"your_access_key\"\nexport CF_R2_SECRET_ACCESS_KEY=\"your_secret_key\"\nexport CF_R2_BUCKET=\"your_bucket_name\"\nexport CF_R2_REGION=\"auto\"\n\nSecurity Note: These credentials should only be set temporarily in the current session. For production environments, use secure secret management solutions." }, { "title": "Windows (PowerShell)", "body": "$env:CF_R2_ACCOUNT_ID=\"your_account_id\"\n$env:CF_R2_ACCESS_KEY_ID=\"your_access_key\"\n$env:CF_R2_SECRET_ACCESS_KEY=\"your_secret_key\"\n$env:CF_R2_BUCKET=\"your_bucket_name\"\n$env:CF_R2_REGION=\"auto\"\n\nSecurity Note: These credentials should only be set temporarily in the current session. For production environments, use secure secret management solutions." }, { "title": "Recommended Secure Credential Management", "body": "For production environments, consider using:\n\nCloudflare Workers Secrets (for Cloudflare environments)\nAWS Secrets Manager (if using AWS)\nHashiCorp Vault (enterprise secret management)\nDocker Secrets (for containerized deployments)\nKubernetes Secrets (for Kubernetes environments)\nOS-level keyring (e.g., keyring Python package)" }, { "title": "Verify Environment", "body": "echo $CF_R2_ACCOUNT_ID\n\nIf a value prints, the environment is configured correctly.\n\nImportant: Never commit credentials to version control. Use environment variables provided by your operating system or a secure secret management solution." }, { "title": "Usage", "body": "# Upload a file\npython r2.py upload --file local_file.txt --key remote_file.txt\n\n# Download a file\npython r2.py download --key remote_file.txt --file local_file.txt\n\n# List objects\npython r2.py list\n\n# Delete an object\npython r2.py delete --key remote_file.txt" }, { "title": "Security Best Practices", "body": "Never commit credentials to version control.\nUse environment variables managed by your operating system, container runtime, or secret manager.\nApply least-privilege access when creating API keys.\nRotate keys regularly and revoke compromised keys.\nAll credentials are loaded at runtime from environment variables.\nHTTPS is strictly enforced and hostnames are validated to prevent unexpected network access.\nXML responses are parsed using the defusedxml library to prevent XXE and entity expansion attacks.\nErrors are handled without exposing sensitive information such as credentials or secrets." }, { "title": "Credential Security", "body": "Never store credentials inside source code or configuration files committed to version control.\nUse environment variables provided by your operating system or a secure secret management solution." }, { "title": "Future Improvements", "body": "Multipart uploads for large objects\nRetry with exponential backoff\nProgress indicators\nBucket management commands\nStreaming upload/download to reduce memory usage" } ], "body": "Cloudflare R2 CLI Skill\nSkill Metadata\nname: \"r2-cli\"\ndescription: \"A minimal CLI tool for interacting with Cloudflare R2 storage using Python. Supports upload, download, list, and delete operations via S3-compatible API with AWS Signature V4.\"\nversion: \"1.0.6\"\nauthor:\n username: \"@zororaka00\"\n name: \"Web3 Hungry\"\n x_account: \"https://x.com/web3hungry\"\ncategory: \"storage\"\ntags: [\"cloudflare\", \"python\", \"r2\", \"storage\"]\nsource: \"r2.py\"\ncredentials:\n required: true\n type: \"environment\"\n variables:\n - CF_R2_ACCOUNT_ID\n - CF_R2_ACCESS_KEY_ID\n - CF_R2_SECRET_ACCESS_KEY\n - CF_R2_BUCKET\n - CF_R2_REGION\nruntime:\n language: \"python\"\n version: \"3.11+\"\n dependencies:\n - \"defusedxml>=0.7.1\"\n env:\n - name: \"CF_R2_ACCOUNT_ID\"\n required: true\n description: \"Cloudflare account ID\"\n - name: \"CF_R2_ACCESS_KEY_ID\"\n required: true\n description: \"R2 access key ID\"\n - name: \"CF_R2_SECRET_ACCESS_KEY\"\n required: true\n description: \"R2 secret access key\"\n - name: \"CF_R2_BUCKET\"\n required: true\n description: \"R2 bucket name\"\n - name: \"CF_R2_REGION\"\n required: false\n description: \"Region (default: auto)\"\n\nrequired_env_vars:\n - CF_R2_ACCOUNT_ID\n - CF_R2_ACCESS_KEY_ID\n - CF_R2_SECRET_ACCESS_KEY\n - CF_R2_BUCKET\n - CF_R2_REGION\nprimaryEnv: CF_R2_ACCESS_KEY_ID\nprimarySecretEnv: CF_R2_SECRET_ACCESS_KEY\n\nOverview\n\nThis skill provides a minimal CLI tool for interacting with Cloudflare R2 storage using Python. The script (r2.py) implements upload, download, list, and delete operations via the Cloudflare R2 S3-compatible API.\n\nIt is designed for secure usage in restricted environments with minimal dependencies while following modern security best practices.\n\nDependencies\nPython 3.11+\nRequires: defusedxml (for secure XML parsing)\n\nThe tool primarily uses the Python standard library. Only defusedxml is required to harden XML parsing against known attacks.\n\nInstallation\n\nNo package installation is required for the CLI itself.\n\nIf defusedxml is not already available:\n\npip install defusedxml\n\nFeatures\nUpload objects to a bucket\nDownload objects from a bucket\nList objects in a bucket\nDelete objects from a bucket\nAWS Signature V4 compatible authentication (HMAC SHA256)\nSecure credential handling via environment variables\nHardened HTTP client with HTTPS-only enforcement\nSafe XML parsing using defused XML protections\nPrerequisites\nPython 3.11+\nCloudflare account with R2 enabled\nBucket created in Cloudflare R2\nAPI keys with appropriate permissions (least privilege)\nBucket name must be DNS-compliant (lowercase letters, numbers, hyphens, 3–63 characters, no underscores)\nEnvironment Variables\nVariable\tDescription\tExample\nCF_R2_ACCOUNT_ID\tCloudflare account ID\t123e4567-e89b-12d3-a456-426614174000\nCF_R2_ACCESS_KEY_ID\tR2 access key ID\tAKIAxxxxxxxxxxxx\nCF_R2_SECRET_ACCESS_KEY\tR2 secret key\txxxxxxxxxxxxxxxxxxxxxxxx\nCF_R2_BUCKET\tBucket name\tmy-r2-bucket\nCF_R2_REGION\tRegion (default: auto)\tauto\n\nCF_R2_REGION behavior:\n\nauto (default): automatically selects the appropriate region for Cloudflare R2.\nCustom value: you may specify a region string if required by your environment (for example us-east-1 for compatibility scenarios).\nEnvironment Setup\n\nThis tool reads credentials directly from operating system environment variables. Set the variables globally before running the CLI.\n\nLinux / macOS (bash / zsh)\nexport CF_R2_ACCOUNT_ID=\"your_account_id\"\nexport CF_R2_ACCESS_KEY_ID=\"your_access_key\"\nexport CF_R2_SECRET_ACCESS_KEY=\"your_secret_key\"\nexport CF_R2_BUCKET=\"your_bucket_name\"\nexport CF_R2_REGION=\"auto\"\n\n\nSecurity Note: These credentials should only be set temporarily in the current session. For production environments, use secure secret management solutions.\n\nWindows (PowerShell)\n$env:CF_R2_ACCOUNT_ID=\"your_account_id\"\n$env:CF_R2_ACCESS_KEY_ID=\"your_access_key\"\n$env:CF_R2_SECRET_ACCESS_KEY=\"your_secret_key\"\n$env:CF_R2_BUCKET=\"your_bucket_name\"\n$env:CF_R2_REGION=\"auto\"\n\n\nSecurity Note: These credentials should only be set temporarily in the current session. For production environments, use secure secret management solutions.\n\nRecommended Secure Credential Management\n\nFor production environments, consider using:\n\nCloudflare Workers Secrets (for Cloudflare environments)\nAWS Secrets Manager (if using AWS)\nHashiCorp Vault (enterprise secret management)\nDocker Secrets (for containerized deployments)\nKubernetes Secrets (for Kubernetes environments)\nOS-level keyring (e.g., keyring Python package)\nVerify Environment\necho $CF_R2_ACCOUNT_ID\n\n\nIf a value prints, the environment is configured correctly.\n\nImportant: Never commit credentials to version control. Use environment variables provided by your operating system or a secure secret management solution.\n\nUsage\n# Upload a file\npython r2.py upload --file local_file.txt --key remote_file.txt\n\n# Download a file\npython r2.py download --key remote_file.txt --file local_file.txt\n\n# List objects\npython r2.py list\n\n# Delete an object\npython r2.py delete --key remote_file.txt\n\nSecurity Best Practices\nNever commit credentials to version control.\nUse environment variables managed by your operating system, container runtime, or secret manager.\nApply least-privilege access when creating API keys.\nRotate keys regularly and revoke compromised keys.\nAll credentials are loaded at runtime from environment variables.\nHTTPS is strictly enforced and hostnames are validated to prevent unexpected network access.\nXML responses are parsed using the defusedxml library to prevent XXE and entity expansion attacks.\nErrors are handled without exposing sensitive information such as credentials or secrets.\nCredential Security\n\nNever store credentials inside source code or configuration files committed to version control. Use environment variables provided by your operating system or a secure secret management solution.\n\nFuture Improvements\nMultipart uploads for large objects\nRetry with exponential backoff\nProgress indicators\nBucket management commands\nStreaming upload/download to reduce memory usage" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/zororaka00/r2-cli", "publisherUrl": "https://clawhub.ai/zororaka00/r2-cli", "owner": "zororaka00", "version": "1.0.6", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/r2-cli", "downloadUrl": "https://openagent3.xyz/downloads/r2-cli", "agentUrl": "https://openagent3.xyz/skills/r2-cli/agent", "manifestUrl": "https://openagent3.xyz/skills/r2-cli/agent.json", "briefUrl": "https://openagent3.xyz/skills/r2-cli/agent.md" } }