Agent skill
cloudflare
Cloudflare API for DNS and zone management. Use when user mentions "Cloudflare", "DNS record", "zone", or "CDN settings".
Stars
50
Forks
8
Install this agent skill to your Project
npx add-skill https://github.com/vm0-ai/vm0-skills/tree/main/cloudflare
SKILL.md
Cloudflare
Cloudflare provides a comprehensive platform for DNS management, CDN, security, serverless computing (Workers), object storage (R2), and more. Use the REST API to manage zones, DNS records, Workers scripts, KV namespaces, R2 buckets, and firewall rules programmatically.
Official docs:
https://developers.cloudflare.com/api/
When to Use
Use this skill when you need to:
- Manage DNS records (create, update, delete A, AAAA, CNAME, MX, TXT records)
- List and configure zones and zone settings
- Deploy and manage Workers scripts
- Manage R2 object storage buckets
- Configure firewall rules and security settings
- Query analytics and logs
Prerequisites
- Create a Cloudflare account at https://dash.cloudflare.com/sign-up
- Go to My Profile > API Tokens and click Create Token
- Choose a template (e.g., "Edit zone DNS") or create a custom token with required permissions
- Copy the generated token immediately (it is only shown once)
Set environment variables:
bash
export CLOUDFLARE_TOKEN="your-api-token"
For zone-specific operations, you also need your Zone ID (found on the zone overview page in the dashboard):
bash
export CLOUDFLARE_ZONE_ID="your-zone-id"
For account-level operations (Workers, R2), you need your Account ID (found on the dashboard overview):
bash
export CLOUDFLARE_ACCOUNT_ID="your-account-id"
How to Use
Base URL
All API requests use: https://api.cloudflare.com/client/v4
1. Verify Token
bash
curl -s "https://api.cloudflare.com/client/v4/user/tokens/verify" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
2. List Zones
bash
curl -s "https://api.cloudflare.com/client/v4/zones" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
3. Get Zone Details
bash
curl -s "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
4. List DNS Records
bash
curl -s "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/dns_records" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
5. Create DNS Record
Write to /tmp/cloudflare_request.json:
json
{
"type": "A",
"name": "sub.example.com",
"content": "1.2.3.4",
"ttl": 3600,
"proxied": false
}
Then run:
bash
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/dns_records" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" --header "Content-Type: application/json" -d @/tmp/cloudflare_request.json | jq .
6. Update DNS Record
Write to /tmp/cloudflare_request.json:
json
{
"type": "A",
"name": "sub.example.com",
"content": "5.6.7.8",
"ttl": 3600,
"proxied": true
}
Then run:
bash
curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/dns_records/RECORD_ID" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" --header "Content-Type: application/json" -d @/tmp/cloudflare_request.json | jq .
7. Delete DNS Record
bash
curl -s -X DELETE "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/dns_records/RECORD_ID" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
8. List Workers Scripts
bash
curl -s "https://api.cloudflare.com/client/v4/accounts/$(printenv CLOUDFLARE_ACCOUNT_ID)/workers/scripts" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
9. List KV Namespaces
bash
curl -s "https://api.cloudflare.com/client/v4/accounts/$(printenv CLOUDFLARE_ACCOUNT_ID)/storage/kv/namespaces" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
10. List R2 Buckets
bash
curl -s "https://api.cloudflare.com/client/v4/accounts/$(printenv CLOUDFLARE_ACCOUNT_ID)/r2/buckets" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
11. Purge Zone Cache
Write to /tmp/cloudflare_request.json:
json
{
"purge_everything": true
}
Then run:
bash
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/purge_cache" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" --header "Content-Type: application/json" -d @/tmp/cloudflare_request.json | jq .
12. List Firewall Rules
bash
curl -s "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/firewall/rules" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
13. Get Zone Analytics
bash
curl -s "https://api.cloudflare.com/client/v4/zones/$(printenv CLOUDFLARE_ZONE_ID)/analytics/dashboard?since=-1440&continuous=true" --header "Authorization: Bearer $(printenv CLOUDFLARE_TOKEN)" | jq .
Common DNS Record Types
| Type | Purpose | Example Content |
|---|---|---|
| A | IPv4 address | 1.2.3.4 |
| AAAA | IPv6 address | 2001:db8::1 |
| CNAME | Alias to another domain | example.com |
| MX | Mail server | mail.example.com (with priority) |
| TXT | Text record (SPF, DKIM, etc.) | v=spf1 include:_spf.google.com ~all |
| NS | Name server | ns1.example.com |
| SRV | Service locator | Service-specific format |
Guidelines
- Use API Tokens over Global API Key: API tokens provide scoped, least-privilege access and are the recommended authentication method
- Pagination: List endpoints return paginated results (default 20-100 per page). Use
pageandper_pagequery parameters to iterate - Response Structure: All responses include
success,errors,messages, andresultfields. Always checksuccessbefore usingresult - Proxied Records: Setting
proxied: trueroutes traffic through Cloudflare CDN and enables security features. Not all record types support proxying - Zone ID vs Domain Name: Most API endpoints require the Zone ID (a 32-character hex string), not the domain name
- Account ID: Workers, R2, KV, and other account-level resources require the Account ID instead of Zone ID
- Rate Limits: Cloudflare API has rate limits per token. Monitor response headers and implement backoff if you receive 429 responses
Didn't find tool you were looking for?