cloudflare
22
总安装量
2
周安装量
#16955
全站排名
安装命令
npx skills add https://github.com/heyvhuang/ship-faster --skill cloudflare
Agent 安装分布
trae
1
cursor
1
kiro-cli
1
claude-code
1
gemini-cli
1
Skill 文档
Cloudflare Infrastructure Operations
Manage Cloudflare services: Workers, KV, R2, D1, Hyperdrive, Observability, Builds, and Audit Logs.
MCP is optional. This skill works with MCP (auto), Wrangler CLI, or Dashboard. See BACKENDS.md for execution options.
Permission Tiers
| Tier | Purpose | Scope | Risk Control |
|---|---|---|---|
| Diagnose | Read-only/query/troubleshoot | Observability, Builds, Audit | Default entry, no writes |
| Change | Create/modify/delete resources | KV, R2, D1, Hyperdrive | Requires confirmation + verification |
| Super Admin | Highest privileges | All + Container Sandbox | Only in isolated/test environments |
Security Rules
Read Operations
- Define scope first â account / worker / resource ID
- No account set? â List accounts first, then set active
- Evidence required â Conclusions must have logs/screenshots/audit records
Write Operations (Three-step Flow)
1. Plan: Read current state first (list/get)
2. Confirm: Output precise change (name/ID/impact), await user confirmation
3. Execute: create/delete/update
4. Verify: audit logs + observability confirm no new errors
Prohibited Actions
- â Execute create/delete/update without confirmation
- â Delete production resources (unless user explicitly says “delete production xxx”)
- â Use Super Admin privileges in non-isolated environments
- â Use container sandbox as persistent environment
Operation Categories
Diagnose Tier (Read-only)
| Category | What You Can Do |
|---|---|
| Observability | Query worker logs/metrics, discover fields, explore values |
| Builds | List build history, get build details, view build logs |
| Browser | Fetch page HTML, convert to markdown, take screenshots |
| Audit | Pull change history by time range |
| Workers | List workers, get details, view source code |
Change Tier (Write Operations)
| Resource | Operations |
|---|---|
| KV | List, get, create â ï¸, update â ï¸, delete â ï¸ |
| R2 | List, get, create â ï¸, delete â ï¸ |
| D1 | List, get, query, create â ï¸, delete â ï¸ |
| Hyperdrive | List, get, create â ï¸, edit â ï¸, delete â ï¸ |
â ï¸ = Requires confirmation
Super Admin Tier (Container Sandbox)
Temporary container for isolated tasks (~10 min lifecycle):
- Initialize, execute commands, read/write/delete files
- Use for: running tests, reproducing issues, parsing data
- NOT for: persistent state, production workloads
Common Workflows
Troubleshooting Flow
1. Clarify symptoms â worker name / time range / error type
2. Query observability to pull logs/metrics
3. If build-related â get build logs
4. If page-related â take screenshot to reproduce
5. Trace changes â pull audit logs
6. Summarize: root cause + evidence + fix recommendations
Resource Management Flow
1. List accounts â set active account
2. List resources (KV / R2 / D1)
3. Plan changes â present to user
4. Execute after confirmation
5. Verify: audit logs + observability shows no errors
Output Format
- Language: English
- Structure: Conclusion â Key data/evidence â Tool call summary â Next steps
- Write operations: Must clearly list operations and impact scope
Example:
â
Investigation complete: worker `api-gateway` experienced 5xx spike between 18:00-18:30
Root cause: New code deployed threw TypeError when processing /v2/users
Evidence:
- Logs: 18:02 first occurrence of "Cannot read property 'id' of undefined"
- Audit: 18:00 user dev@example.com deployed new version
- Metrics: error_rate jumped from 0.1% to 12%
Recommendation: Roll back to previous version, or fix /v2/users handler
File-based Pipeline
When integrating into multi-step workflows:
runs/<workflow>/active/<run_id>/
âââ proposal.md # Symptoms/objectives
âââ context.json # Account/worker/resource/time_range
âââ tasks.md # Checklist + approval gate
âââ evidence/observability.md
âââ evidence/audit.md
âââ evidence/screenshots/
âââ evidence/change-plan.md # Write operations written here first
âââ evidence/report.md # Conclusion + evidence + next steps
âââ logs/events.jsonl # Optional tool call summary
Error Handling
| Situation | Action |
|---|---|
| Account not set | Run accounts_list â set_active_account first |
| Resource doesn’t exist | Verify ID/name, list available resources |
| Insufficient permissions | Explain required permissions, check API token scope |
| Observability query too broad | Split into smaller time ranges |
Related Files
- BACKENDS.md â Execution options (MCP/CLI/Dashboard)
- SETUP.md â MCP configuration (optional)
- scenarios.md â 20 real-world scenario examples