ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CF Share

v0.1.6

Use the cfshare CLI to expose local ports/files as temporary Cloudflare Quick Tunnel URLs. Trigger when a user needs a temporary public URL for a local servi...

0· 689·0 current·0 all-time
bySixteen@ystemsrx
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (expose local ports/files via Cloudflare Quick Tunnel) align with the instructions: it calls cfshare and cloudflared, supports exposing ports/files, listing/stopping exposures, and exporting audit state. The declared required binaries in metadata (cfshare, cloudflared) match runtime checks.
Instruction Scope
SKILL.md stays within the stated purpose: it instructs running env_check, creating exposures, copying paths into a temporary workspace, and returning public_url/expires_at. It explicitly exposes user files/ports publicly (or with token/basic access) — this is expected but high-risk from a privacy perspective. It does not instruct reading unrelated system files or environment variables, though it references 'defaults' and 'runtime paths' which may cause the tool to read local config/policy files.
Install Mechanism
No install spec in the skill bundle (instruction-only). The SKILL.md recommends installing cfshare via npm -g and cloudflared via brew/apt/winget or a GitHub release binary. Those sources are common but carry moderate risk: npm packages run install scripts and can execute arbitrary code, and curl to download/extract binaries executes network-fetched code. Verify package provenance and signatures before installing.
Credentials
The skill declares no required environment variables or credentials, but it provides access modes (token/basic/none) and mentions masked access_info. It's unclear whether Cloudflare account credentials or cloudflared secrets (if any) are needed or how tokens are generated/managed. The lack of explicit mention of required Cloudflare credentials is an omission worth clarifying.
Persistence & Privilege
always:false and no install artifacts in the skill bundle. The skill may advise running cfshare with --keep-alive for foreground lifecycle but does not request permanent agent presence or modification of other skills/config. No evidence of elevated or persistent privileges requested by the skill manifest itself.
Assessment
This skill appears to do what it advertises (create temporary public URLs) but you should verify a few things before installing or running it: 1) Confirm the npm package (@ystemsrx/cfshare) and its source repository are legitimate and review its install scripts — npm -g can run arbitrary code. 2) Check the cloudflared binary source (the SKILL.md references official Cloudflare repos and GitHub releases; prefer package manager installs or signed releases). 3) Clarify whether you need a Cloudflare account or service credentials (the SKILL.md is silent on account credentials but exposes token/basic access modes). 4) Remember that exposing files/ports can leak sensitive data — test with non-sensitive files and use token access where possible. 5) If you need higher assurance, run the installs in a sandbox or VM, and inspect the installed cfshare package contents and the output of cfshare env_check before exposing anything important.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cnhsq63nt3qeya85vm0p3ad845t26
689downloads
0stars
3versions
Updated 4h ago
v0.1.6
MIT-0
Sixteen@ystemsrx
latest
Download

CFShare CLI Skill

cfshare wraps Cloudflare Quick Tunnel and outputs structured JSON.

Install when version checks fail

If either command fails, install missing binaries before running any cfshare tool.

cfshare --version
cloudflared --version
  1. If cfshare --version fails, install cfshare (requires Node.js and npm):
npm install -g @ystemsrx/cfshare
  1. If cloudflared --version fails, install cloudflared by platform:

macOS:

brew install cloudflare/cloudflare/cloudflared

Debian/Ubuntu:

curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list
sudo apt-get update && sudo apt-get install -y cloudflared

Windows (PowerShell):

winget install --id Cloudflare.cloudflared

WSL/Linux generic binary install:

curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared
sudo chmod +x /usr/local/bin/cloudflared
  1. Re-run both version checks. If still failing, stop and report exact stderr output to user.

CLI contract

cfshare <tool> [params-json] [options]

Supported tools:

  • env_check
  • expose_port
  • expose_files
  • exposure_list
  • exposure_get
  • exposure_stop
  • exposure_logs
  • maintenance
  • audit_query
  • audit_export

Global options:

  • --params '<json>' or --params-file <path>
  • --config '<json>' or --config-file <path>
  • --workspace-dir <dir> (only used by expose_files)
  • --keep-alive (for expose_*, keep foreground process alive)
  • --no-keep-alive (default for expose_*, print result then exit)
  • --compact

Command names accept _ and - (for example expose-port == expose_port).

Standard workflow for agents

  1. Run env_check first.
  2. Create exposure with expose_port or expose_files.
  3. Return public_url and expires_at to user immediately.
  4. By default, expose_* prints result and exits.
  5. Use --keep-alive only when foreground lifecycle control is needed; stop with Ctrl+C when done.

Recommended for stable automation:

  • Prefer --params/--params-file over positional raw JSON to reduce quoting errors.
  • Prefer access: "token" for sensitive content.
  • Treat access: "none" as publicly readable by anyone with link.

Tool usage

1) env_check

cfshare env_check

Returns:

  • cloudflared.ok/path/version
  • defaults (effective policy + runtime paths)
  • warnings

2) expose_port

cfshare expose_port --params '{"port":3000,"opts":{"access":"token","ttl_seconds":3600}}'

Params:

  • port: 1..65535
  • opts.ttl_seconds
  • opts.access: token | basic | none
  • opts.protect_origin: default access != "none"
  • opts.allowlist_paths: path prefix allowlist for reverse proxy

Returns:

  • id
  • public_url (token mode auto-appends ?token=...)
  • local_url
  • expires_at
  • access_info (secrets are masked)

3) expose_files

cfshare expose_files --params '{"paths":["./dist"],"opts":{"mode":"normal","presentation":"preview","access":"none"}}'

Params:

  • paths: files/directories to copy into temp workspace
  • opts.mode: normal | zip (default normal)
  • opts.presentation: download | preview | raw (default download)
  • opts.ttl_seconds
  • opts.access: token | basic | none
  • opts.max_downloads: auto-stop after threshold

File Serving Behavior:

Mode: normal

  • Single file → served directly at the root URL.
  • Multiple files or a directory → displayed in an intuitive file explorer interface.

Mode: zip

  • All files are packaged into a ZIP archive.

Presentation:

  • Default behaviors: download | preview | raw
  • Behavior can be overridden via query parameters.
    • download → forces browser file save.
    • preview → renders inline (images, PDF, Markdown, audio/video, HTML, text, etc.).
    • raw → serves original content without any wrapper.
  • If a file type is not previewable, preview automatically falls back to raw, then to download.

Returns:

  • id, public_url, expires_at, mode, presentation
  • manifest, manifest_mode, manifest_meta

4) exposure_list

cfshare exposure_list

Lists tracked sessions with id/type/status/public_url/local_url/expires_at.

5) exposure_get

cfshare exposure_get --params '{"id":"port_xxx","opts":{"probe_public":true}}'
cfshare exposure_get --params '{"filter":{"status":"running"},"fields":["id","status","public_url"]}'

Supports selector by id, ids, or filter. Can probe public reachability via opts.probe_public.

6) exposure_stop

cfshare exposure_stop --params '{"id":"all"}'

Stops tunnel/proxy/origin and removes temporary workspace. Returns {stopped, failed, cleaned}.

7) exposure_logs

cfshare exposure_logs --params '{"id":"files_xxx","opts":{"component":"all","lines":200}}'

component: tunnel | origin | all.

8) maintenance

cfshare maintenance --params '{"action":"run_gc"}'
cfshare maintenance --params '{"action":"set_policy","opts":{"policy":{"maxTtlSeconds":7200},"ignore_patterns":["*.pem",".env*"]}}'

Actions:

  • start_guard
  • run_gc
  • set_policy (requires opts.policy or opts.ignore_patterns)

9) audit_query

cfshare audit_query --params '{"filters":{"event":"exposure_started","limit":100}}'

10) audit_export

cfshare audit_export --params '{"range":{"from_ts":"2026-01-01T00:00:00Z","output_path":"./audit.jsonl"}}'

Runtime files (CLI mode)

Default CLI state directory is ~/.cfshare:

  • policy.json
  • policy.ignore
  • audit.jsonl
  • sessions.json
  • workspaces/
  • exports/

Important limitations in CLI mode

  • expose_port and expose_files exit by default after printing result; use --keep-alive to hold foreground.
  • Current session registry is in-process memory; separate cfshare invocations do not restore full live session state.
  • basic mode credentials are masked in outputs, so token is usually the practical authenticated mode for agent-delivered links.

Troubleshooting

  • cloudflared binary not found: install cloudflared or set --config '{"cloudflaredPath":"..."}'
  • local service is not reachable on 127.0.0.1:<port>: start service first
  • path blocked by ignore policy: adjust policy.ignore or maintenance set_policy
  • port blocked by policy: update blockedPorts in policy if intentional

Use CFSHARE_LOG_LEVEL=info or CFSHARE_LOG_LEVEL=debug for more stderr logs.

Comments

Loading comments...