Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

jakenuts/cloudflare

Name: cloudflare
Author: jakenuts

skills/cloudflare/SKILL.md

npx skillsauth add jakenuts/agent-skills cloudflare

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Cloudflare Management Skill

Created by After Dark Systems, LLC

Overview

This skill provides comprehensive Cloudflare infrastructure management capabilities through the Cloudflare API v4. It enables full control over domains, DNS, security, performance, and serverless deployments.

Authentication

API credentials are stored at ~/cloudflare_global_key. The file contains:

Global API Key for legacy authentication
API Token (Bearer token) for modern authentication

Recommended: Use the Bearer token for API calls:

-H "Authorization: Bearer <token>"

To verify token validity:

./scripts/cf-api.sh verify-token

Available Scripts

All scripts are located in the scripts/ directory and use the credentials from ~/cloudflare_global_key.

Core API Client

cf-api.sh - Base API client with authentication handling

Zone Management

zones.sh - List, get, create, and manage zones
zone-settings.sh - Manage zone-level settings

DNS Management

dns.sh - Full DNS record CRUD operations
dns-import.sh - Bulk import DNS records
dns-export.sh - Export DNS records

Security & Firewall

firewall.sh - Firewall rules management
waf.sh - Web Application Firewall rules
rate-limiting.sh - Rate limiting rules
ip-access.sh - IP access rules (block/allow)
ssl.sh - SSL/TLS configuration

Performance & Caching

cache.sh - Cache purge and settings
page-rules.sh - Page rules management
speed.sh - Speed optimizations (minify, polish, etc.)

Workers & Pages

workers.sh - Cloudflare Workers management
pages.sh - Cloudflare Pages projects

Analytics & Logs

analytics.sh - Traffic and security analytics
logs.sh - Enterprise log access

Quick Start Examples

List All Zones

./scripts/zones.sh list

Get Zone Details

./scripts/zones.sh get <zone_id>
# or by domain name
./scripts/zones.sh get-by-name example.com

List DNS Records

./scripts/dns.sh list <zone_id>
# Filter by type
./scripts/dns.sh list <zone_id> --type A

Create DNS Record

./scripts/dns.sh create <zone_id> \
  --type A \
  --name subdomain \
  --content 192.0.2.1 \
  --ttl 3600 \
  --proxied true

Update DNS Record

./scripts/dns.sh update <zone_id> <record_id> \
  --content 192.0.2.2 \
  --ttl 1800

Delete DNS Record

./scripts/dns.sh delete <zone_id> <record_id>

Purge Cache

# Purge everything
./scripts/cache.sh purge-all <zone_id>

# Purge specific URLs
./scripts/cache.sh purge-urls <zone_id> "https://example.com/page1" "https://example.com/page2"

# Purge by cache tags
./scripts/cache.sh purge-tags <zone_id> tag1 tag2

SSL/TLS Settings

# Get current SSL mode
./scripts/ssl.sh get-mode <zone_id>

# Set SSL mode (off, flexible, full, strict)
./scripts/ssl.sh set-mode <zone_id> strict

Firewall Rules

# List firewall rules
./scripts/firewall.sh list <zone_id>

# Block an IP
./scripts/ip-access.sh block <zone_id> 192.0.2.100 "Suspicious activity"

# Allow an IP
./scripts/ip-access.sh allow <zone_id> 192.0.2.50 "Trusted server"

Workers

# List workers
./scripts/workers.sh list

# Deploy a worker
./scripts/workers.sh deploy <script_name> <script_file>

# Delete a worker
./scripts/workers.sh delete <script_name>

Common Workflows

Setting Up a New Domain

Add the zone:

./scripts/zones.sh create example.com

Get the zone ID:

ZONE_ID=$(./scripts/zones.sh get-by-name example.com --id-only)

Add required DNS records:

./scripts/dns.sh create $ZONE_ID --type A --name @ --content 192.0.2.1 --proxied true
./scripts/dns.sh create $ZONE_ID --type CNAME --name www --content example.com --proxied true
./scripts/dns.sh create $ZONE_ID --type MX --name @ --content mail.example.com --priority 10

Configure SSL:

./scripts/ssl.sh set-mode $ZONE_ID strict

Migrating DNS from Another Provider

Export current records from the source provider
Import to Cloudflare:

./scripts/dns-import.sh <zone_id> records.txt

Emergency: Block Attack Traffic

# Block specific IP
./scripts/ip-access.sh block <zone_id> <attacker_ip> "Attack mitigation"

# Enable Under Attack Mode
./scripts/zone-settings.sh set <zone_id> security_level under_attack

# Purge cache if compromised content was cached
./scripts/cache.sh purge-all <zone_id>

API Reference

See reference.md for complete Cloudflare API v4 documentation including:

All available endpoints
Request/response formats
Error codes and handling
Rate limiting information

Templates

The templates/ directory contains JSON templates for common operations:

dns-records.json - Common DNS record configurations
firewall-rules.json - Firewall rule templates
page-rules.json - Page rule templates
worker-config.json - Worker configuration template

Error Handling

All scripts return appropriate exit codes:

0: Success
1: API error (check stderr for details)
2: Invalid arguments
3: Authentication error
4: Resource not found

Error responses include the Cloudflare error code and message for debugging.

Best Practices

Always use proxied records when possible for DDoS protection
Use strict SSL mode for full end-to-end encryption
Set appropriate TTLs - shorter for dynamic content, longer for static
Test firewall rules in log mode before enforcing
Use API tokens with minimal required permissions
Cache aggressively but purge when content changes
Monitor analytics for unusual traffic patterns

Support

For issues with this skill, contact After Dark Systems, LLC.

For Cloudflare API documentation: https://developers.cloudflare.com/api/

jakenuts/cloudflare

skills/cloudflare/SKILL.md

Manage Cloudflare infrastructure including DNS records, zones, SSL/TLS, caching, firewall rules, Workers, Pages, and analytics. Use when working with Cloudflare APIs, creating or modifying DNS records, managing domain security, purging cache, deploying Workers/Pages, or analyzing traffic. Created by After Dark Systems, LLC.

development

Updated May 23, 2026

$ install --global

skillsauth

npx skillsauth add jakenuts/agent-skills cloudflare

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 23, 2026, 8:01 AM159.4s17 files scanned

SKILL.md

name:: cloudflare
description:: Manage Cloudflare infrastructure including DNS records, zones, SSL/TLS, caching, firewall rules, Workers, Pages, and analytics. Use when working with Cloudflare APIs, creating or modifying DNS records, managing domain security, purging cache, deploying Workers/Pages, or analyzing traffic. Created by After Dark Systems, LLC.

Cloudflare Management Skill

Created by After Dark Systems, LLC

Overview

Authentication

API credentials are stored at ~/cloudflare_global_key. The file contains:

Global API Key for legacy authentication
API Token (Bearer token) for modern authentication

Recommended: Use the Bearer token for API calls:

-H "Authorization: Bearer <token>"

To verify token validity:

./scripts/cf-api.sh verify-token

Available Scripts

All scripts are located in the scripts/ directory and use the credentials from ~/cloudflare_global_key.

Core API Client

cf-api.sh - Base API client with authentication handling

Zone Management

zones.sh - List, get, create, and manage zones
zone-settings.sh - Manage zone-level settings

DNS Management

dns.sh - Full DNS record CRUD operations
dns-import.sh - Bulk import DNS records
dns-export.sh - Export DNS records

Security & Firewall

firewall.sh - Firewall rules management
waf.sh - Web Application Firewall rules
rate-limiting.sh - Rate limiting rules
ip-access.sh - IP access rules (block/allow)
ssl.sh - SSL/TLS configuration

Performance & Caching

cache.sh - Cache purge and settings
page-rules.sh - Page rules management
speed.sh - Speed optimizations (minify, polish, etc.)

Workers & Pages

workers.sh - Cloudflare Workers management
pages.sh - Cloudflare Pages projects

Analytics & Logs

analytics.sh - Traffic and security analytics
logs.sh - Enterprise log access

Quick Start Examples

List All Zones

./scripts/zones.sh list

Get Zone Details

./scripts/zones.sh get <zone_id>
# or by domain name
./scripts/zones.sh get-by-name example.com

List DNS Records

./scripts/dns.sh list <zone_id>
# Filter by type
./scripts/dns.sh list <zone_id> --type A

Create DNS Record

./scripts/dns.sh create <zone_id> \
  --type A \
  --name subdomain \
  --content 192.0.2.1 \
  --ttl 3600 \
  --proxied true

Update DNS Record

./scripts/dns.sh update <zone_id> <record_id> \
  --content 192.0.2.2 \
  --ttl 1800

Delete DNS Record

./scripts/dns.sh delete <zone_id> <record_id>

Purge Cache

# Purge everything
./scripts/cache.sh purge-all <zone_id>

# Purge specific URLs
./scripts/cache.sh purge-urls <zone_id> "https://example.com/page1" "https://example.com/page2"

# Purge by cache tags
./scripts/cache.sh purge-tags <zone_id> tag1 tag2

SSL/TLS Settings

# Get current SSL mode
./scripts/ssl.sh get-mode <zone_id>

# Set SSL mode (off, flexible, full, strict)
./scripts/ssl.sh set-mode <zone_id> strict

Firewall Rules

# List firewall rules
./scripts/firewall.sh list <zone_id>

# Block an IP
./scripts/ip-access.sh block <zone_id> 192.0.2.100 "Suspicious activity"

# Allow an IP
./scripts/ip-access.sh allow <zone_id> 192.0.2.50 "Trusted server"

Workers

# List workers
./scripts/workers.sh list

# Deploy a worker
./scripts/workers.sh deploy <script_name> <script_file>

# Delete a worker
./scripts/workers.sh delete <script_name>

Common Workflows

Setting Up a New Domain

Add the zone:

./scripts/zones.sh create example.com

Get the zone ID:

ZONE_ID=$(./scripts/zones.sh get-by-name example.com --id-only)

Add required DNS records:

./scripts/dns.sh create $ZONE_ID --type A --name @ --content 192.0.2.1 --proxied true
./scripts/dns.sh create $ZONE_ID --type CNAME --name www --content example.com --proxied true
./scripts/dns.sh create $ZONE_ID --type MX --name @ --content mail.example.com --priority 10

Configure SSL:

./scripts/ssl.sh set-mode $ZONE_ID strict

Migrating DNS from Another Provider

Export current records from the source provider
Import to Cloudflare:

./scripts/dns-import.sh <zone_id> records.txt

Emergency: Block Attack Traffic

# Block specific IP
./scripts/ip-access.sh block <zone_id> <attacker_ip> "Attack mitigation"

# Enable Under Attack Mode
./scripts/zone-settings.sh set <zone_id> security_level under_attack

# Purge cache if compromised content was cached
./scripts/cache.sh purge-all <zone_id>

API Reference

See reference.md for complete Cloudflare API v4 documentation including:

All available endpoints
Request/response formats
Error codes and handling
Rate limiting information

Templates

The templates/ directory contains JSON templates for common operations:

dns-records.json - Common DNS record configurations
firewall-rules.json - Firewall rule templates
page-rules.json - Page rule templates
worker-config.json - Worker configuration template

Error Handling

All scripts return appropriate exit codes:

0: Success
1: API error (check stderr for details)
2: Invalid arguments
3: Authentication error
4: Resource not found

Error responses include the Cloudflare error code and message for debugging.

Best Practices

Always use proxied records when possible for DDoS protection
Use strict SSL mode for full end-to-end encryption
Set appropriate TTLs - shorter for dynamic content, longer for static
Test firewall rules in log mode before enforcing
Use API tokens with minimal required permissions
Cache aggressively but purge when content changes
Monitor analytics for unusual traffic patterns

Support

For issues with this skill, contact After Dark Systems, LLC.

For Cloudflare API documentation: https://developers.cloudflare.com/api/

Related Skills

jakenuts/wordpress-content-manager

development

VerifiedTrustedCommunity

WordPress content management via REST API for managing posts. Requires Node.js and WordPress REST API credentials.

SKILL.mdUpdated May 23, 2026

jakenuts/wordpress-content-manager

jakenuts/wolverine

development

VerifiedTrustedCommunity

WolverineFx (.NET) framework for in-process command/event handling, asynchronous messaging, durable inbox/outbox, sagas, and HTTP endpoints. Use when working in a .NET project that references `WolverineFx*` packages, calls `UseWolverine()`, or whenever the user asks about Wolverine handlers, message routing, transactional outbox, transports (RabbitMQ, Azure Service Bus, SQS, Kafka, NATS, Pulsar, PostgreSQL, SQL Server, Redis, MQTT, etc.), Wolverine.HTTP endpoints, Marten/EF Core/RavenDb integration, sagas/process managers, middleware, cascading messages, side effects, FluentValidation integration, tracked-session testing, or migrating to/from MediatR/NServiceBus/MassTransit. Also applies to Critter Stack and JasperFx conversations that mention Wolverine.

SKILL.mdUpdated May 23, 2026

jakenuts/solarwinds-logs

tools

VerifiedTrustedCommunity

Search and analyze DealerVision production logs via SolarWinds Observability API. Use when investigating errors, debugging issues, checking system health, or when the user mentions logs, SolarWinds, production errors, or system monitoring. Requires the `logs` CLI tool to be installed.

SKILL.mdUpdated May 23, 2026

jakenuts/solarwinds-logs

jakenuts/skill-creator

tools

VerifiedTrustedCommunity

Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.

SKILL.mdUpdated May 23, 2026

jakenuts/skill-creator

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/jakenuts/agent-skills.git

# Copy into Claude Code skills folder (global)
cp -r agent-skills/skills/cloudflare ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

jakenuts/agent-skills

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT