بنقرة واحدة
cloudflare-health
Cloudflare zone health dashboard — DNS, security, tunnels, WAF, DDoS status
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Cloudflare zone health dashboard — DNS, security, tunnels, WAF, DDoS status
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Deploy and manage Cloudflare Workers — upload scripts, configure routes, manage secrets, view analytics
Manage Cloudflare R2 storage buckets and objects — create, list, inspect, delete buckets and objects
Manage Cloudflare Workers KV namespaces and key-value pairs — create, list, read, write, delete
Live integration test for all Cloudflare MCP tools — read + safe writes with cleanup
Manage Cloudflare DNS records — add, list, update, delete records with verification across multiple zones
DDoS/attack emergency response runbook — detect, assess, mitigate, monitor, de-escalate
| name | cloudflare-health |
| description | Cloudflare zone health dashboard — DNS, security, tunnels, WAF, DDoS status |
| disable-model-invocation | true |
Workflow skill for generating a comprehensive Cloudflare health snapshot. Invoked via /cf-health or when the user asks for a Cloudflare status overview. Used by the scheduled monitoring agent and on-demand by operators.
Maximize concurrent tool calls. Fire all of these simultaneously:
cloudflare_token_verify — verify API token validity and permissionscloudflare_zone_list — retrieve all configured zonescloudflare_tunnel_list — get all tunnels and their connection statuscloudflare_rate_limit_status — check current API rate limit consumptioncloudflare_security_insights_severity_count — Security Center insight severity overviewOnce zones are returned, for each zone in parallel:
cloudflare_zone_health — zone activation status, nameservers, plancloudflare_under_attack_status — current security modecloudflare_waf_list_rulesets — list active WAF rulesetscloudflare_dns_list — get DNS record count (can use a count/summary call if available)cloudflare_dnssec_status — DNSSEC enabled statuscloudflare_ssl_setting_get — current SSL/TLS encryption modecloudflare_tls_setting_get — minimum TLS versioncloudflare_certificate_list — certificate packs (check expiry)cloudflare_ssl_verification — SSL verification statuscloudflare_rate_limit_list — rate limiting rules configuredIf cloudflare_security_insights_severity_count returns any critical count > 0:
cloudflare_security_insights with severity=critical — fetch details of critical findingsProduce a structured dashboard with the following sections:
🌐 Zone Status
| Zone | Status | Plan | Nameservers |
|---|---|---|---|
| example.com | active | free | ns1.cf.com, ns2.cf.com |
🔒 Security
| Zone | Security Level | Under Attack Mode |
|---|---|---|
| example.com | medium | OFF |
🛡️ WAF
| Zone | Active Rulesets | Custom Rules |
|---|---|---|
| example.com | 3 | 2 |
🔗 Tunnels
| Name | ID | Status | Active Connections |
|---|---|---|---|
| home-tunnel | abc123 | healthy | 2 |
📊 DNS
| Zone | Record Count | DNSSEC |
|---|---|---|
| example.com | 42 | enabled |
🔐 SSL/TLS
| Zone | SSL Mode | Min TLS | Cert Status | Nearest Expiry | Verification |
|---|---|---|---|---|---|
| example.com | strict | 1.2 | active | 2026-06-15 (90d) | passed |
⏱️ Rate Limiting
| Zone | Rules | Enabled | Disabled | Actions |
|---|---|---|---|---|
| example.com | 3 | 2 | 1 | ban: 2, challenge: 1 |
⚡ API Health
🔍 Security Center Insights
| Severity | Count |
|---|---|
| Critical | 2 |
| Moderate | 3 |
| Low | 5 |
If critical findings exist, list them:
| Subject | Issue Type | Since | Resolve |
|---|---|---|---|
| example.com | exposed_infrastructure | 2026-02-04 | Fix |
If no active findings: display "No active Security Center insights."
Evaluate all collected data and assign an overall severity level:
🟢 HEALTHY — All of the following are true:
active🟡 WARNING — Any of the following:
moderate Security Center insights are active (not dismissed)flexible (not end-to-end encrypted)1.2 (acceptable but not optimal)🔴 CRITICAL — Any of the following:
activecritical Security Center insights are active (not dismissed)off or flexible on a production zone1.2Display the overall severity prominently at the top of the report.
After assessment, route the notification as follows:
#infra-monitoring only.#infra-monitoring AND #infra-alerts.#infra-monitoring AND #infra-alerts AND send a direct message to the operator on duty.All Slack messages must include:
/cf-health for full detailsIssue creation backend is configurable (set during setup wizard or in config):
| Backend | Description | Duplicate Check |
|---|---|---|
| Dashboard (default) | Store in local SQLite, display in Grafana "Security Issues" panel | Query SQLite by subject + status=open |
| GitHub | gh issue create with labels in configured repo | gh issue list --search "<subject>" |
| Jira | Create via Atlassian MCP (createJiraIssue) in configured project | JQL search by summary |
The active backend is determined by the ISSUE_BACKEND config value (dashboard, github, jira).
For each critical Security Center insight (not dismissed), auto-create a GitHub issue in the configured repo:
Duplicate check: Search for existing open issues matching the insight subject:
gh issue list --repo itunified-io/infrastructure --label "type:security,infra:cloudflare" --state open --search "<subject>"
Skip if a matching issue already exists.
Create issue if no duplicate:
security: CF Security Center — <issue_type> on <subject>infra:cloudflare, type:security, priority:high## Cloudflare Security Center Finding
| Field | Value |
|-------|-------|
| Severity | Critical |
| Subject | <subject> |
| Type | <issue_type> |
| Class | <issue_class> |
| Since | <since> |
| Resolve | [<resolve_text>](<resolve_link>) |
## Details
<payload summary — key fields from the insight payload>
## Recommended Action
<resolve_text> — follow the resolve link above.
---
*Auto-created by `/cf-health` scheduled task*
Slack notification: Include the newly created GH issue URL(s) in the #infra-alerts message alongside the severity summary.
For each critical finding, create a Jira issue via Atlassian MCP:
searchJiraIssuesUsingJql with summary ~ "<subject>" AND status != DonecreateJiraIssue with configured project key, issue type Bug, priority HighFor each finding (WARNING + CRITICAL), store in local SQLite:
issues table where subject = "<subject>" AND status = "open"INSERT INTO issues (subject, issue_type, severity, since, payload, status, created_at)cloudflare_token_verify — verify API connectivity and token validitycloudflare_zone_list — list all zones with status and plan infocloudflare_zone_health — per-zone health details (nameservers, activation status)cloudflare_under_attack_status — per-zone Under Attack Mode statuscloudflare_tunnel_list — list tunnels with connection healthcloudflare_waf_list_rulesets — list active WAF rulesets per zonecloudflare_dns_list — DNS records (used for count)cloudflare_dnssec_status — DNSSEC status per zonecloudflare_rate_limit_status — API rate limit consumptioncloudflare_security_insights_severity_count — Security Center insight severity overviewcloudflare_security_insights — detailed Security Center findings (filtered by severity)cloudflare_ssl_setting_get — SSL/TLS encryption mode per zonecloudflare_tls_setting_get — minimum TLS version per zonecloudflare_certificate_list — certificate packs with expiry datescloudflare_ssl_verification — SSL verification status per zonecloudflare_rate_limit_list — rate limiting rules per zone