Cloudflare Dns Updater
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: cloudflare-dns-updater Version: 0.1.1 The skill is classified as suspicious due to the explicit instruction in `SKILL.md` for the AI agent to execute an external shell command (`curl -s https://ipv4.icanhazip.com/`). While this command is benign and serves the stated purpose of dynamically obtaining an IP address for DNS updates, it demonstrates a capability for the agent to execute arbitrary shell commands based on skill instructions, which represents a significant prompt injection vector. The `scripts/update-record.py` itself securely handles the `CLOUDFLARE_API_TOKEN` and only interacts with `api.cloudflare.com`.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with incorrect inputs, the skill could point a real subdomain to the wrong IP address.
The script can update or create live Cloudflare DNS records. This matches the skill purpose and is scoped to supplied arguments, but a wrong invocation could redirect or break a domain.
response = requests.put(update_url, headers=headers, json=payload, timeout=10) ... response = requests.post(create_url, headers=headers, json=payload, timeout=10)
Confirm the zone, record name, target IP, and proxied setting before use, and consider adding an explicit confirmation step for production domains.
Anyone or any agent process with access to the token could change DNS records allowed by that token.
A DNS-edit Cloudflare token is sensitive account authority. Its use is expected and disclosed, but users should scope it carefully.
requires the `CLOUDFLARE_API_TOKEN` environment variable to be set with a valid Cloudflare API Token that has DNS edit permissions
Use a least-privilege Cloudflare API token limited to the intended zone, avoid account-wide tokens, and do not expose the token in logs or shared environments.
Dependency resolution may vary across systems if the requests package is installed or updated independently.
The Python dependency is unpinned. This is common for simple scripts and there is no automatic install spec, but users should install dependencies from a trusted environment.
requests
Install dependencies from a trusted package index or pin a known-good requests version in controlled deployments.