cf-crawl

Crawls websites using Cloudflare's API to save content as markdown files, ideal for documentation and knowledge base ingestion.

Install this skill

or

0/100

Security score

The cf-crawl skill was audited on May 16, 2026 and we found 28 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 58

Template literal with variable interpolation in command context

SourceSKILL.md

58

```bash

medium line 74

Template literal with variable interpolation in command context

SourceSKILL.md

74

```bash

medium line 97

Template literal with variable interpolation in command context

SourceSKILL.md

97

```bash

medium line 113

Template literal with variable interpolation in command context

SourceSKILL.md

113

```bash

medium line 121

Template literal with variable interpolation in command context

SourceSKILL.md

121

```bash

medium line 127

Template literal with variable interpolation in command context

SourceSKILL.md

127

```bash

medium line 59

Curl to non-GitHub URL

SourceSKILL.md

59	curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl" \

medium line 75

Curl to non-GitHub URL

SourceSKILL.md

75	curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl" \

medium line 98

Curl to non-GitHub URL

SourceSKILL.md

98	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?limit=1" \

medium line 115

Curl to non-GitHub URL

SourceSKILL.md

115	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?status=skipped&limit=50" \

medium line 122

Curl to non-GitHub URL

SourceSKILL.md

122	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?status=completed&limit=50" \

medium line 128

Curl to non-GitHub URL

SourceSKILL.md

128	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?status=completed&limit=50&cursor=<CURSOR>" \

medium line 27

Access to hidden dotfiles in home directory

SourceSKILL.md

27	4. Home directory `.env` - Read `~/.env` as a last resort

medium line 25

Access to .env file

SourceSKILL.md

25	2. Project `.env` file - Read `.env` in the current working directory and extract the values

medium line 26

Access to .env file

SourceSKILL.md

26	3. Project `.env.local` file - Read `.env.local` in the current working directory

medium line 27

Access to .env file

SourceSKILL.md

27	4. Home directory `.env` - Read `~/.env` as a last resort

medium line 29

Access to .env file

SourceSKILL.md

29	To load from a `.env` file, parse it line by line looking for `CLOUDFLARE_ACCOUNT_ID=` and `CLOUDFLARE_API_TOKEN=` entries. Use this bash approach:

low line 32

Access to .env file

SourceSKILL.md

32	# Load from .env if vars are not already set

low line 34

Access to .env file

SourceSKILL.md

34	for envfile in .env .env.local "$HOME/.env"; do

medium line 42

Access to .env file

SourceSKILL.md

42	If credentials are still missing after checking all sources, tell the user to add them to their project `.env` file:

low line 48

External URL reference

SourceSKILL.md

48	The API token needs "Browser Rendering - Edit" permission. Create one at [Cloudflare Dashboard > API Tokens](https://dash.cloudflare.com/profile/api-tokens).

low line 59

External URL reference

SourceSKILL.md

59	curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl" \

low line 75

External URL reference

SourceSKILL.md

75	curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl" \

low line 98

External URL reference

SourceSKILL.md

98	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?limit=1" \

low line 115

External URL reference

SourceSKILL.md

115	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?status=skipped&limit=50" \

low line 122

External URL reference

SourceSKILL.md

122	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?status=completed&limit=50" \

low line 128

External URL reference

SourceSKILL.md

128	curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/browser-rendering/crawl/<JOB_ID>?status=completed&limit=50&cursor=<CURSOR>" \

low line 147

External URL reference

SourceSKILL.md

147	base = f'https://api.cloudflare.com/client/v4/accounts/{account_id}/browser-rendering/crawl/{job_id}'

Scanned on May 16, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydata analytics

UpdatedMay 31, 2026

openclaw api data-analyst marketing-analyst content-marketer data analytics marketing

transaurus/staging-davila7-claude-code-templates