cloudflare

Name: cloudflare
Author: vm0-ai/vm0-skills

$npx mdskill add vm0-ai/vm0-skills/cloudflare

Manage DNS zones and records via Cloudflare API

Handles DNS record creation and zone configuration tasks
Integrates with Cloudflare API for authentication and data access
Executes commands based on user intent keywords and token validity
Returns structured JSON responses for API operations

SKILL.md

.github/skills/cloudflareView on GitHub ↗

---
name: cloudflare
description: Cloudflare API for DNS and zone management. Use when user mentions "Cloudflare",
  "DNS record", "zone", or "CDN settings".
---

## Troubleshooting

If requests fail, run `zero doctor check-connector --env-name CLOUDFLARE_TOKEN` or `zero doctor check-connector --url https://api.cloudflare.com/client/v4/user/tokens/verify --method GET`

## How to Use

### Base URL

All API requests use: `https://api.cloudflare.com/client/v4`

### 1. Verify Token

```bash
curl -s "https://api.cloudflare.com/client/v4/user/tokens/verify" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 2. List Zones

```bash
curl -s "https://api.cloudflare.com/client/v4/zones" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 3. Get Zone Details

```bash
curl -s "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 4. List DNS Records

```bash
curl -s "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 5. Create DNS Record

Write to `/tmp/cloudflare_request.json`:

```json
{
  "type": "A",
  "name": "sub.example.com",
  "content": "1.2.3.4",
  "ttl": 3600,
  "proxied": false
}
```

Then run:

```bash
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" --header "Content-Type: application/json" -d @/tmp/cloudflare_request.json | jq .
```

### 6. Update DNS Record

Write to `/tmp/cloudflare_request.json`:

```json
{
  "type": "A",
  "name": "sub.example.com",
  "content": "5.6.7.8",
  "ttl": 3600,
  "proxied": true
}
```

Then run:

```bash
curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records/RECORD_ID" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" --header "Content-Type: application/json" -d @/tmp/cloudflare_request.json | jq .
```

### 7. Delete DNS Record

```bash
curl -s -X DELETE "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records/RECORD_ID" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 8. List Workers Scripts

```bash
curl -s "https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID/workers/scripts" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 9. List KV Namespaces

```bash
curl -s "https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID/storage/kv/namespaces" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 10. List R2 Buckets

```bash
curl -s "https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID/r2/buckets" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 11. Purge Zone Cache

Write to `/tmp/cloudflare_request.json`:

```json
{
  "purge_everything": true
}
```

Then run:

```bash
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/purge_cache" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" --header "Content-Type: application/json" -d @/tmp/cloudflare_request.json | jq .
```

### 12. List Firewall Rules

```bash
curl -s "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/firewall/rules" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

### 13. Get Zone Analytics

```bash
curl -s "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/analytics/dashboard?since=-1440&continuous=true" --header "Authorization: Bearer $CLOUDFLARE_TOKEN" | jq .
```

## Common DNS Record Types

| Type | Purpose | Example Content |
|------|---------|-----------------|
| **A** | IPv4 address | `1.2.3.4` |
| **AAAA** | IPv6 address | `2001:db8::1` |
| **CNAME** | Alias to another domain | `example.com` |
| **MX** | Mail server | `mail.example.com` (with priority) |
| **TXT** | Text record (SPF, DKIM, etc.) | `v=spf1 include:_spf.google.com ~all` |
| **NS** | Name server | `ns1.example.com` |
| **SRV** | Service locator | Service-specific format |

## Guidelines

1. **Use API Tokens over Global API Key**: API tokens provide scoped, least-privilege access and are the recommended authentication method
2. **Pagination**: List endpoints return paginated results (default 20-100 per page). Use `page` and `per_page` query parameters to iterate
3. **Response Structure**: All responses include `success`, `errors`, `messages`, and `result` fields. Always check `success` before using `result`
4. **Proxied Records**: Setting `proxied: true` routes traffic through Cloudflare CDN and enables security features. Not all record types support proxying
5. **Zone ID vs Domain Name**: Most API endpoints require the Zone ID (a 32-character hex string), not the domain name
6. **Account ID**: Workers, R2, KV, and other account-level resources require the Account ID instead of Zone ID
7. **Rate Limits**: Cloudflare API has rate limits per token. Monitor response headers and implement backoff if you receive 429 responses

More from vm0-ai/vm0-skills

Skill	Description
account-reconciliation	Perform account reconciliations comparing general ledger balances against subledgers, bank statements, or external records. Use for bank reconciliation, GL-to-subledger reconciliation, intercompany reconciliation, balance sheet reconciliation, reconciling item analysis, outstanding item aging, or clearing open items.
agentphone	Build AI phone agents with AgentPhone API. Use when the user wants to make phone calls, send/receive SMS, manage phone numbers, create voice agents, set up webhooks, or check usage — anything related to telephony, phone numbers, or voice AI.
ahrefs	Ahrefs SEO API for backlink and keyword analysis. Use when user mentions
amplitude	Amplitude product analytics API. Use when user mentions "Amplitude",
analysis-qa	Quality-check a data analysis before sharing — verify joins, aggregations, denominators, time ranges, and metric definitions. Detect pitfalls like survivorship bias, average-of-averages, join explosion, timezone mismatches, incomplete periods, and selection bias. Includes documentation templates for reproducible analyses.
anthropic-managed-agents	Anthropic Managed Agents API for programmatically creating, running, and streaming AI agents on Anthropic's cloud infrastructure. Use when the user mentions "Managed Agents", "Anthropic agent sessions", or needs to create/run/stream an Anthropic agent with tool use (bash, git, web), attach GitHub repositories, or inject secrets via Vault. Do NOT use for standard Claude Messages API — use the Claude API skill instead.
apify	Apify web scraping platform. Use when user mentions "scrape website",
asana	Asana API for tasks and projects. Use when user mentions "Asana", "asana.com",
atlassian	Atlassian API for Confluence and Jira. Use when user mentions "Confluence
attio	Attio REST API for AI-native CRM operations — manage companies, people, deals, and custom objects, plus notes, tasks, lists, and comments. Use when the user mentions "Attio", "CRM record", "create company", "add person", "list entry", "CRM note", or "CRM task".