Wrangler
v1.1.0Manage Cloudflare Workers, KV, D1, R2, and secrets using the Wrangler CLI. Use when deploying workers, managing databases, storing objects, or configuring Cloudflare resources. Covers worker deployment, KV namespaces, D1 SQL databases, R2 object storage, secrets management, and tailing logs.
⭐ 7· 2.3k·14 current·14 all-time
byAsleep@asleep123
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description match the SKILL.md content: it documents using the Wrangler CLI to manage Workers, KV, D1, R2, secrets, and logs. It does not request unrelated binaries, environment variables, or access beyond Cloudflare-related operations.
Instruction Scope
Instructions are limited to normal Wrangler usage (init, dev, deploy, kv/d1/r2 operations, secret management, tailing logs). They reference reading local config/files (schema.sql, JSON secrets file, wrangler.toml/jsonc) and using interactive login; they do not instruct reading arbitrary unrelated system files or exfiltrating data. However, several commanded operations (secret put, tail, delete, bulk upload) can create, expose or remove sensitive data — this is expected for a management tool but worth being cautious about.
Install Mechanism
There is no platform install spec (skill is instruction-only), which is lowest risk for the skill bundle. The SKILL.md recommends installing Wrangler via npm install -g wrangler or using npx. Installing packages from npm or running npx pulls remote code at runtime; this is expected for CLI guidance but is an external risk worth verifying (use official package name and check versions).
Credentials
The skill declares no required env vars/credentials, but its workflow depends on authenticating to Cloudflare (wrangler login or using API tokens). The instructions will create or use local auth credentials and allow managing resources and secrets in your Cloudflare account. This is proportional to the task but users should use scoped API tokens and least privilege, and be mindful that secret management commands will store secrets accessible by the Worker environment.
Persistence & Privilege
always is false and the skill is user-invocable. As instruction-only, it does not request persistent platform privileges or attempt to modify other skills or system-wide agent configs.
Assessment
This skill is a documentation-style helper for the official Wrangler CLI and appears coherent with that purpose. Before using it: (1) Confirm you trust the skill author/source — the registry metadata shows no homepage/source URL here. (2) When following its install steps, prefer npx or explicitly installed official releases (verify package name and version on the Cloudflare docs or npmjs.com). (3) Use scoped, least-privilege Cloudflare API tokens rather than broad account keys where possible. (4) Be careful with commands that upload/delete data or manage secrets (bulk secret upload, secret put, delete, tail logs can expose sensitive info). (5) If you need stronger assurance, cross-check commands with the official Cloudflare Wrangler docs and avoid running commands from unknown scripts or untrusted sources.Like a lobster shell, security has layers — review code before you run it.
latestvk9730yphr09m2q61mwmw1dhj257zmsjy
License
MIT-0
Free to use, modify, and redistribute. No attribution required.