oldwinter/cloudflare-deploy
devops-skills/cloudflare-deploy/SKILL.md
Deploy applications and infrastructure to Cloudflare using Workers, Pages, and related platform services. Use when the user asks to deploy, host, publish, or set up a project on Cloudflare.
$ install --global
skillsauthnpx skillsauth add oldwinter/skills cloudflare-deployInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 9, 2026, 8:42 AM1.4s1 file scanned
SKILL.md
- name:
- cloudflare-deploy
- description:
- Deploy applications and infrastructure to Cloudflare using Workers, Pages, and related platform services. Use when the user asks to deploy, host, publish, or set up a project on Cloudflare.
Cloudflare Deploy
Consolidated skill for building on the Cloudflare platform. Use decision trees below to find the right product, then load detailed references.
Prerequisites
- When sandboxing blocks the deployment network calls, rerun with
sandbox_permissions=require_escalated. - The deployment might take a few minutes. Use appropriate timeout values.
Authentication (Required Before Deploy)
Verify auth before wrangler deploy, wrangler pages deploy, or npm run deploy:
npx wrangler whoami # Shows account if authenticated
Not authenticated? → references/wrangler/auth.md
- Interactive/local:
wrangler login(one-time OAuth) - CI/CD: Set
CLOUDFLARE_API_TOKENenv var
Quick Decision Trees
"I need to run code"
Need to run code?
├─ Serverless functions at the edge → workers/
├─ Full-stack web app with Git deploys → pages/
├─ Stateful coordination/real-time → durable-objects/
├─ Long-running multi-step jobs → workflows/
├─ Run containers → containers/
├─ Multi-tenant (customers deploy code) → workers-for-platforms/
├─ Scheduled tasks (cron) → cron-triggers/
├─ Lightweight edge logic (modify HTTP) → snippets/
├─ Process Worker execution events (logs/observability) → tail-workers/
└─ Optimize latency to backend infrastructure → smart-placement/
"I need to store data"
Need storage?
├─ Key-value (config, sessions, cache) → kv/
├─ Relational SQL → d1/ (SQLite) or hyperdrive/ (existing Postgres/MySQL)
├─ Object/file storage (S3-compatible) → r2/
├─ Message queue (async processing) → queues/
├─ Vector embeddings (AI/semantic search) → vectorize/
├─ Strongly-consistent per-entity state → durable-objects/ (DO storage)
├─ Secrets management → secrets-store/
├─ Streaming ETL to R2 → pipelines/
└─ Persistent cache (long-term retention) → cache-reserve/
"I need AI/ML"
Need AI?
├─ Run inference (LLMs, embeddings, images) → workers-ai/
├─ Vector database for RAG/search → vectorize/
├─ Build stateful AI agents → agents-sdk/
├─ Gateway for any AI provider (caching, routing) → ai-gateway/
└─ AI-powered search widget → ai-search/
"I need networking/connectivity"
Need networking?
├─ Expose local service to internet → tunnel/
├─ TCP/UDP proxy (non-HTTP) → spectrum/
├─ WebRTC TURN server → turn/
├─ Private network connectivity → network-interconnect/
├─ Optimize routing → argo-smart-routing/
├─ Optimize latency to backend (not user) → smart-placement/
└─ Real-time video/audio → realtimekit/ or realtime-sfu/
"I need security"
Need security?
├─ Web Application Firewall → waf/
├─ DDoS protection → ddos/
├─ Bot detection/management → bot-management/
├─ API protection → api-shield/
├─ CAPTCHA alternative → turnstile/
└─ Credential leak detection → waf/ (managed ruleset)
"I need media/content"
Need media?
├─ Image optimization/transformation → images/
├─ Video streaming/encoding → stream/
├─ Browser automation/screenshots → browser-rendering/
└─ Third-party script management → zaraz/
"I need infrastructure-as-code"
Need IaC? → pulumi/ (Pulumi), terraform/ (Terraform), or api/ (REST API)
Product Index
Compute & Runtime
| Product | Reference |
|---------|-----------|
| Workers | references/workers/ |
| Pages | references/pages/ |
| Pages Functions | references/pages-functions/ |
| Durable Objects | references/durable-objects/ |
| Workflows | references/workflows/ |
| Containers | references/containers/ |
| Workers for Platforms | references/workers-for-platforms/ |
| Cron Triggers | references/cron-triggers/ |
| Tail Workers | references/tail-workers/ |
| Snippets | references/snippets/ |
| Smart Placement | references/smart-placement/ |
Storage & Data
| Product | Reference |
|---------|-----------|
| KV | references/kv/ |
| D1 | references/d1/ |
| R2 | references/r2/ |
| Queues | references/queues/ |
| Hyperdrive | references/hyperdrive/ |
| DO Storage | references/do-storage/ |
| Secrets Store | references/secrets-store/ |
| Pipelines | references/pipelines/ |
| R2 Data Catalog | references/r2-data-catalog/ |
| R2 SQL | references/r2-sql/ |
AI & Machine Learning
| Product | Reference |
|---------|-----------|
| Workers AI | references/workers-ai/ |
| Vectorize | references/vectorize/ |
| Agents SDK | references/agents-sdk/ |
| AI Gateway | references/ai-gateway/ |
| AI Search | references/ai-search/ |
Networking & Connectivity
| Product | Reference |
|---------|-----------|
| Tunnel | references/tunnel/ |
| Spectrum | references/spectrum/ |
| TURN | references/turn/ |
| Network Interconnect | references/network-interconnect/ |
| Argo Smart Routing | references/argo-smart-routing/ |
| Workers VPC | references/workers-vpc/ |
Security
| Product | Reference |
|---------|-----------|
| WAF | references/waf/ |
| DDoS Protection | references/ddos/ |
| Bot Management | references/bot-management/ |
| API Shield | references/api-shield/ |
| Turnstile | references/turnstile/ |
Media & Content
| Product | Reference |
|---------|-----------|
| Images | references/images/ |
| Stream | references/stream/ |
| Browser Rendering | references/browser-rendering/ |
| Zaraz | references/zaraz/ |
Real-Time Communication
| Product | Reference |
|---------|-----------|
| RealtimeKit | references/realtimekit/ |
| Realtime SFU | references/realtime-sfu/ |
Developer Tools
| Product | Reference |
|---------|-----------|
| Wrangler | references/wrangler/ |
| Miniflare | references/miniflare/ |
| C3 | references/c3/ |
| Observability | references/observability/ |
| Analytics Engine | references/analytics-engine/ |
| Web Analytics | references/web-analytics/ |
| Sandbox | references/sandbox/ |
| Workerd | references/workerd/ |
| Workers Playground | references/workers-playground/ |
Infrastructure as Code
| Product | Reference |
|---------|-----------|
| Pulumi | references/pulumi/ |
| Terraform | references/terraform/ |
| API | references/api/ |
Other Services
| Product | Reference |
|---------|-----------|
| Email Routing | references/email-routing/ |
| Email Workers | references/email-workers/ |
| Static Assets | references/static-assets/ |
| Bindings | references/bindings/ |
| Cache Reserve | references/cache-reserve/ |
Troubleshooting
Escalated Network Access
If deployment fails due to network issues (timeouts, DNS errors, connection resets), rerun the deploy with escalated permissions (use sandbox_permissions=require_escalated). The deploy requires escalated network access when sandbox networking blocks outbound requests.
Example guidance to the user:
The deploy needs escalated network access to deploy to Cloudflare. I can rerun the command with escalated permissions—want me to proceed?
Related Skills
oldwinter/aws-support-case
tools
VerifiedTrustedCommunity
This skill should be used when users need to manage AWS Support cases via CLI. It handles listing cases (recent 2 weeks, unresolved), viewing case details with bilingual display (English-Chinese line by line), creating new cases with auto-detected service/category, replying to cases, and attachment handling. Triggers on requests mentioning "AWS support", "support case", "工单", "support ticket", or AWS technical support inquiries.
3SKILL.mdUpdated Jun 9, 2026
oldwinter/aws-cost-explorer
testing
VerifiedTrustedCommunity
This skill should be used when users need to query AWS cost and usage details for a specific date. It supports querying costs at service level (e.g., EC2, S3, RDS) and drilling down to usage type level (e.g., instance types, storage classes, data transfer). Triggers on requests mentioning AWS costs, billing, spending, cost breakdown, or fee analysis.
3SKILL.mdUpdated Jun 9, 2026
oldwinter/aws-cli
tools
VerifiedTrustedCommunity
This skill should be used when users need to interact with AWS services via CLI. It covers all AWS services including EC2, ECS, EKS, Lambda, S3, RDS, DynamoDB, VPC, Route53, CloudFront, Bedrock, Support, Billing, and more. Supports querying, creating, modifying, deleting resources, monitoring, debugging, and cost analysis. Triggers on requests mentioning AWS, cloud resources, or specific AWS service names.
3SKILL.mdUpdated Jun 9, 2026
oldwinter/api-billing-service-onboarding
development
VerifiedTrustedCommunity
This skill should be used when the user requests to add a new third-party API service to the AWS billing/quota monitoring system. It handles the complete onboarding process including adapter creation, Lambda deployment, CloudWatch alarms, Dashboard updates, and verification. Triggers on requests mentioning "add service monitoring", "monitor API balance", "setup quota alerts", "add to billing dashboard", or similar service integration requests.
3SKILL.mdUpdated Jun 9, 2026