# Send Cloudflare R2 CLI to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "r2-cli", "name": "Cloudflare R2 CLI", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/zororaka00/r2-cli", "canonicalUrl": "https://clawhub.ai/zororaka00/r2-cli", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/r2-cli", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=r2-cli", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md", "r2.py" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "r2-cli", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-01T21:29:24.724Z", "expiresAt": "2026-05-08T21:29:24.724Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=r2-cli", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=r2-cli", "contentDisposition": "attachment; filename=\"r2-cli-1.0.6.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "r2-cli" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/r2-cli" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/r2-cli", "downloadUrl": "https://openagent3.xyz/downloads/r2-cli", "agentUrl": "https://openagent3.xyz/skills/r2-cli/agent", "manifestUrl": "https://openagent3.xyz/skills/r2-cli/agent.json", "briefUrl": "https://openagent3.xyz/skills/r2-cli/agent.md" } } ``` ## Documentation ### Skill Metadata name: "r2-cli" description: "A minimal CLI tool for interacting with Cloudflare R2 storage using Python. Supports upload, download, list, and delete operations via S3-compatible API with AWS Signature V4." version: "1.0.6" author: username: "@zororaka00" name: "Web3 Hungry" x_account: "https://x.com/web3hungry" category: "storage" tags: ["cloudflare", "python", "r2", "storage"] source: "r2.py" credentials: required: true type: "environment" variables: - CF_R2_ACCOUNT_ID - CF_R2_ACCESS_KEY_ID - CF_R2_SECRET_ACCESS_KEY - CF_R2_BUCKET - CF_R2_REGION runtime: language: "python" version: "3.11+" dependencies: - "defusedxml>=0.7.1" env: - name: "CF_R2_ACCOUNT_ID" required: true description: "Cloudflare account ID" - name: "CF_R2_ACCESS_KEY_ID" required: true description: "R2 access key ID" - name: "CF_R2_SECRET_ACCESS_KEY" required: true description: "R2 secret access key" - name: "CF_R2_BUCKET" required: true description: "R2 bucket name" - name: "CF_R2_REGION" required: false description: "Region (default: auto)" required_env_vars: - CF_R2_ACCOUNT_ID - CF_R2_ACCESS_KEY_ID - CF_R2_SECRET_ACCESS_KEY - CF_R2_BUCKET - CF_R2_REGION primaryEnv: CF_R2_ACCESS_KEY_ID primarySecretEnv: CF_R2_SECRET_ACCESS_KEY ### Overview This skill provides a minimal CLI tool for interacting with Cloudflare R2 storage using Python. The script (r2.py) implements upload, download, list, and delete operations via the Cloudflare R2 S3-compatible API. It is designed for secure usage in restricted environments with minimal dependencies while following modern security best practices. ### Dependencies Python 3.11+ Requires: defusedxml (for secure XML parsing) The tool primarily uses the Python standard library. Only defusedxml is required to harden XML parsing against known attacks. ### Installation No package installation is required for the CLI itself. If defusedxml is not already available: pip install defusedxml ### Features Upload objects to a bucket Download objects from a bucket List objects in a bucket Delete objects from a bucket AWS Signature V4 compatible authentication (HMAC SHA256) Secure credential handling via environment variables Hardened HTTP client with HTTPS-only enforcement Safe XML parsing using defused XML protections ### Prerequisites Python 3.11+ Cloudflare account with R2 enabled Bucket created in Cloudflare R2 API keys with appropriate permissions (least privilege) Bucket name must be DNS-compliant (lowercase letters, numbers, hyphens, 3–63 characters, no underscores) ### Environment Variables VariableDescriptionExampleCF_R2_ACCOUNT_IDCloudflare account ID123e4567-e89b-12d3-a456-426614174000CF_R2_ACCESS_KEY_IDR2 access key IDAKIAxxxxxxxxxxxxCF_R2_SECRET_ACCESS_KEYR2 secret keyxxxxxxxxxxxxxxxxxxxxxxxxCF_R2_BUCKETBucket namemy-r2-bucketCF_R2_REGIONRegion (default: auto)auto CF_R2_REGION behavior: auto (default): automatically selects the appropriate region for Cloudflare R2. Custom value: you may specify a region string if required by your environment (for example us-east-1 for compatibility scenarios). ### Environment Setup This tool reads credentials directly from operating system environment variables. Set the variables globally before running the CLI. ### Linux / macOS (bash / zsh) export CF_R2_ACCOUNT_ID="your_account_id" export CF_R2_ACCESS_KEY_ID="your_access_key" export CF_R2_SECRET_ACCESS_KEY="your_secret_key" export CF_R2_BUCKET="your_bucket_name" export CF_R2_REGION="auto" Security Note: These credentials should only be set temporarily in the current session. For production environments, use secure secret management solutions. ### Windows (PowerShell) $env:CF_R2_ACCOUNT_ID="your_account_id" $env:CF_R2_ACCESS_KEY_ID="your_access_key" $env:CF_R2_SECRET_ACCESS_KEY="your_secret_key" $env:CF_R2_BUCKET="your_bucket_name" $env:CF_R2_REGION="auto" Security Note: These credentials should only be set temporarily in the current session. For production environments, use secure secret management solutions. ### Recommended Secure Credential Management For production environments, consider using: Cloudflare Workers Secrets (for Cloudflare environments) AWS Secrets Manager (if using AWS) HashiCorp Vault (enterprise secret management) Docker Secrets (for containerized deployments) Kubernetes Secrets (for Kubernetes environments) OS-level keyring (e.g., keyring Python package) ### Verify Environment echo $CF_R2_ACCOUNT_ID If a value prints, the environment is configured correctly. Important: Never commit credentials to version control. Use environment variables provided by your operating system or a secure secret management solution. ### Usage # Upload a file python r2.py upload --file local_file.txt --key remote_file.txt # Download a file python r2.py download --key remote_file.txt --file local_file.txt # List objects python r2.py list # Delete an object python r2.py delete --key remote_file.txt ### Security Best Practices Never commit credentials to version control. Use environment variables managed by your operating system, container runtime, or secret manager. Apply least-privilege access when creating API keys. Rotate keys regularly and revoke compromised keys. All credentials are loaded at runtime from environment variables. HTTPS is strictly enforced and hostnames are validated to prevent unexpected network access. XML responses are parsed using the defusedxml library to prevent XXE and entity expansion attacks. Errors are handled without exposing sensitive information such as credentials or secrets. ### Credential Security Never store credentials inside source code or configuration files committed to version control. Use environment variables provided by your operating system or a secure secret management solution. ### Future Improvements Multipart uploads for large objects Retry with exponential backoff Progress indicators Bucket management commands Streaming upload/download to reduce memory usage ## Trust - Source: tencent - Verification: Indexed source record - Publisher: zororaka00 - Version: 1.0.6 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-05-01T21:29:24.724Z - Expires at: 2026-05-08T21:29:24.724Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/r2-cli) - [Send to Agent page](https://openagent3.xyz/skills/r2-cli/agent) - [JSON manifest](https://openagent3.xyz/skills/r2-cli/agent.json) - [Markdown brief](https://openagent3.xyz/skills/r2-cli/agent.md) - [Download page](https://openagent3.xyz/downloads/r2-cli)