agent-cloudflare

Cloudflare ops triage CLI for AI agents

Language: Go
License: MIT
Category: CLI Tool

A read-first Cloudflare operations CLI for AI agents, focused on zone investigation, traffic context, DNS, SSL, rules, cache, and Waiting Rooms. It fills the gap between raw Cloudflare API calls and Wrangler's Worker-focused developer workflows.

Features

Read-first operations triage — inspect zones, DNS, SSL, rulesets, analytics, cache, and Waiting Rooms

Secret-safe credential profiles — store API tokens outside LLM context with non-secret account and zone defaults

Structured output — compact evidence records to stdout and classified errors to stderr

Traffic investigation — answer whether traffic is spiking, blocked, or behaving unexpectedly

Configuration checks — verify DNS, SSL/TLS, cache, and ruleset state without dashboard spelunking

Waiting Rooms visibility — inspect configured rooms, status, and routing

Agent-safe mutations later — cache purge, DNS edits, and Waiting Room updates require explicit opt-in

Getting Started

agent-cloudflare is designed around named profiles. A profile stores the secret token reference plus non-secret defaults such as account and zone IDs.

01 · Add a Cloudflare profile

$ agent-cloudflare profiles add prod --form

With --form, the token is entered outside the LLM context.

02 · Check credentials

$ agent-cloudflare profiles check prod

03 · Inspect zone health

$ agent-cloudflare investigate zone-health example.com

Usage

>_ List zones

$ agent-cloudflare zones list

>_ Inspect DNS records

$ agent-cloudflare dns list example.com

>_ Check SSL status

$ agent-cloudflare ssl status example.com

>_ Inspect recent traffic

$ agent-cloudflare analytics traffic example.com --since 1h

>_ List Waiting Rooms

$ agent-cloudflare waiting-rooms list example.com

>_ Investigate a traffic spike

$ agent-cloudflare investigate traffic-spike example.com --since 1h