@ystemsrx/cfshare 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Sixteen
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,337 @@
+<h1 align="center">☁️ CFShare</h1>
+
+<p align="center">
+Securely share local files and services to the public internet via Cloudflare Tunnel
+</p>
+
+<p align="center">
+  <img src="https://img.shields.io/badge/Platform-macOS_|_Linux_|_Windows_(WSL2)-9cf?style=flat-square" alt="Platform">
+  <img src="https://img.shields.io/badge/Node-≥22-339933?style=flat-square&logo=node.js&logoColor=white" alt="Node">
+  <img src="https://img.shields.io/badge/OpenClaw-≥2026.1.29-E86D37?style=flat-square" alt="OpenClaw">
+  <img src="https://img.shields.io/badge/License-MIT-97CA00?style=flat-square" alt="MIT">
+</p>
+
+<p align="center">
+  <a href="./README.zh.md">简体中文</a>
+  &nbsp;|&nbsp;
+  <strong>English</strong>
+</p>
+
+---
+
+## 📖 What Is This?
+
+**CFShare** is a community plugin for [OpenClaw](https://github.com/openclaw/openclaw) that enables your AI assistant to:
+
+- 🔗 **Expose a local port** as a temporary public HTTPS link (`https://*.trycloudflare.com`) with one command
+- 📁 **Share files/directories** — automatically spins up a local static server + tunnel so recipients can browse/download/preview via a link (encryption supported)
+- 🔒 **Built-in security** — Token/Basic auth, rate limiting, port blacklist, exclusion rules
+- ⏱️ **Auto-expiry cleanup** — tunnels are automatically closed and temp files deleted when the TTL expires
+
+> [!NOTE]
+> **No Cloudflare account required.** CFShare uses [Cloudflare Quick Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/do-more-with-tunnels/trycloudflare/) (`trycloudflare.com`), which is completely free and works out of the box.
+
+---
+
+## 🏗️ How It Works
+
+```mermaid
+flowchart LR
+    subgraph LOCAL["Your Machine"]
+        A["Local Service / Files"]
+        B["[Optional] Reverse Proxy<br/>(Auth + Rate Limit)"]
+        C["cloudflared tunnel"]
+
+        A --> B
+        B --> C
+    end
+
+    C ==>|Cloudflare Quick Tunnel| D["https://xxx.trycloudflare.com"]
+    E["Recipient's Browser"] --> D
+```
+
+Internally, CFShare handles: path validation → copy files to a temp directory → start a read-only static server → mount auth/rate-limit reverse proxy → launch `cloudflared` tunnel → schedule expiry cleanup. All you need to do is tell the AI "what you want to share" and it takes care of the rest.
+
+---
+
+## 🚀 Installation
+
+### Step 1: Make Sure OpenClaw Is Installed
+
+If you haven't installed OpenClaw yet, do so first:
+
+```bash
+# Install OpenClaw (requires Node.js ≥ 22)
+npm install -g openclaw@latest
+
+# Run the onboarding wizard
+openclaw onboard --install-daemon
+```
+
+> [!TIP]
+> Not sure about your Node.js version? Run `node -v` to check. [nvm](https://github.com/nvm-sh/nvm) is recommended for managing versions.
+
+---
+
+### Step 2: Install `cloudflared`
+
+CFShare relies on Cloudflare's `cloudflared` CLI to create tunnels.
+
+<details>
+<summary><b>🍎 macOS</b></summary>
+
+```bash
+brew install cloudflare/cloudflare/cloudflared
+```
+
+</details>
+
+<details>
+<summary><b>🐧 Linux (Debian / Ubuntu)</b></summary>
+
+```bash
+curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
+echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list
+sudo apt-get update && sudo apt-get install cloudflared
+```
+
+</details>
+
+<details>
+<summary><b>🪟 Windows (inside WSL2)</b></summary>
+
+```bash
+# Inside WSL2:
+curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared
+chmod +x /usr/local/bin/cloudflared
+```
+
+Or install natively via PowerShell / CMD with winget:
+
+```powershell
+winget install --id Cloudflare.cloudflared
+```
+
+</details>
+
+**Or simply ask the Agent to install it for you.**
+
+Verify the installation:
+
+```bash
+cloudflared --version
+# Output should be similar to: cloudflared version 2025.x.x
+```
+
+> [!IMPORTANT]
+> You only need to install `cloudflared` — there is **no need** to run `cloudflared tunnel login`. Quick Tunnel requires no account authentication.
+
+---
+
+### Step 3: Install the CFShare Plugin
+
+**Option A — Install from npm (recommended):**
+
+```bash
+openclaw plugins install @ystemsrx/cfshare
+```
+
+**Option B — Install from a local directory (for development):**
+
+If you've already cloned the repository:
+
+```bash
+# Install dependencies first
+cd /path/to/cfshare
+npm install
+
+# Link to OpenClaw (dev mode, no file copying)
+openclaw plugins install -l .
+```
+
+---
+
+### Step 4: Enable the Plugin and Restart the Gateway
+
+```bash
+# Enable the plugin
+openclaw plugins enable cfshare
+
+# Restart the Gateway to load the plugin
+openclaw gateway restart
+```
+
+> [!NOTE]
+> If you're running in daemon mode (`--install-daemon`), you can also restart via `openclaw restart`.
+
+---
+
+## ⚙️ Configuration (Optional)
+
+CFShare works out of the box. The defaults below suit most use cases. To customize, edit `~/.openclaw/openclaw.json`:
+
+```json5
+{
+  plugins: {
+    entries: {
+      cfshare: {
+        enabled: true,
+        config: {
+          // Custom configuration (all fields are optional)
+        },
+      },
+    },
+  },
+}
+```
+
+### Configuration Reference
+
+| Option                     | Default               | Description                              |
+| :------------------------- | :-------------------- | :--------------------------------------- |
+| `cloudflaredPath`          | `"cloudflared"`       | Path or command name for `cloudflared`   |
+| `stateDir`                 | `~/.openclaw/cfshare` | Directory for state file storage         |
+| `defaultTtlSeconds`        | `3600` (1 hour)       | Default tunnel time-to-live              |
+| `maxTtlSeconds`            | `86400` (24 hours)    | Maximum TTL cap                          |
+| `defaultExposePortAccess`  | `"token"`             | Default auth mode for port exposure      |
+| `defaultExposeFilesAccess` | `"none"`              | Default auth mode for file sharing       |
+| `blockedPorts`             | `[22, 2375, 2376]`   | Ports blocked from exposure (SSH/Docker) |
+| `rateLimit.enabled`        | `true`                | Whether rate limiting is enabled         |
+| `rateLimit.maxRequests`    | `240`                 | Max requests per window                  |
+| `rateLimit.windowMs`       | `60000` (1 minute)    | Rate limit window in milliseconds        |
+
+> [!TIP]
+> **Auth mode reference:**
+>
+> - `"token"` — A token is required to access the link (suitable for port exposure)
+> - `"basic"` — HTTP Basic authentication (username/password)
+> - `"none"` — No authentication, anyone can access (suitable for temporary file sharing)
+
+---
+
+## 💬 Usage Examples
+
+Once installed, just speak naturally to your AI assistant — it will automatically invoke the appropriate CFShare tools:
+
+### Get AI-Processed Files
+
+> _"Rename all files under `/mnt/data/students/` to `{index}_{name}.{ext}` format, then bundle them up and give me a download link."_
+
+The Agent will automatically call `expose_files` and return a public link along with its expiration time.
+
+### Share Your Creations
+
+> _"Build a 3D interactive solar system model with Vue 3 + Vite, then share it with my friend via a link."_
+
+> _"Run this project for me and send me the link to access it."_
+
+The Agent will create and run the project, then use `expose_port` to create a tunnel so anyone can access it through a link.
+
+### Share a Directory (with File Browser) — preview images/videos/text in-browser, or download (encryption supported)
+
+> _"Share the directory `~/Pictures/vacation` with encryption."_
+
+The Agent will use `expose_files` in `preview` mode to create a share page with a file browser. A valid token is required to access it.
+
+### View Active Shares
+
+> _"What links do I have active right now?"_
+
+### Stop Sharing
+
+> _"Shut down all active share links."_
+
+---
+
+## 🧰 Tool Overview
+
+CFShare registers the following tools for the AI:
+
+| Tool            | Purpose                                           |
+| :-------------- | :------------------------------------------------ |
+| `env_check`     | Check if `cloudflared` is available & view policy  |
+| `expose_port`   | Expose a local port to the public internet        |
+| `expose_files`  | Share files/directories (auto static server)      |
+| `exposure_list` | List all active sessions                          |
+| `exposure_get`  | Get details for a specific session                |
+| `exposure_stop` | Stop and clean up specific or all sessions        |
+| `exposure_logs` | View session logs                                 |
+| `maintenance`   | TTL guardian / garbage collection / policy refresh |
+| `audit_query`   | Query audit logs                                  |
+| `audit_export`  | Export audit logs to a file                       |
+
+---
+
+## 🔐 Security Design
+
+<table>
+<tr><td>🛡️</td><td><b>Secure by Default</b></td><td>Port exposure defaults to token auth + reverse proxy protection</td></tr>
+<tr><td>🚫</td><td><b>Port Blacklist</b></td><td>SSH (22) and Docker Daemon (2375/2376) are blocked by default</td></tr>
+<tr><td>⏳</td><td><b>Auto Expiry</b></td><td>Sessions automatically close tunnels and delete temp files upon expiration</td></tr>
+<tr><td>📊</td><td><b>Rate Limiting</b></td><td>Per-IP sliding window rate limiting (default: 240 req/min)</td></tr>
+<tr><td>📝</td><td><b>Audit Logging</b></td><td>All operations are logged to a local JSONL file</td></tr>
+<tr><td>🙈</td><td><b>File Exclusion</b></td><td>Automatically excludes <code>.git/</code>, <code>.openclaw/</code>, and respects <code>.gitignore</code> rules</td></tr>
+</table>
+
+---
+
+## ❓ FAQ
+
+<details>
+<summary><b>Q: Do I need a paid Cloudflare account?</b></summary>
+
+No. CFShare uses Cloudflare Quick Tunnel (`trycloudflare.com`), which is completely free and requires no account registration.
+
+</details>
+
+<details>
+<summary><b>Q: How long do links last?</b></summary>
+
+By default, 1 hour. This can be adjusted via configuration or specified per share (up to 7 days). Links are automatically destroyed upon expiry.
+
+</details>
+
+<details>
+<summary><b>Q: What if cloudflared is not found?</b></summary>
+
+1. Confirm `cloudflared` is installed: `cloudflared --version`
+2. If it's installed in a location not in your `PATH`, specify the full path in the config:
+
+```json5
+{
+  plugins: {
+    entries: {
+      cfshare: {
+        config: { cloudflaredPath: "/usr/local/bin/cloudflared" },
+      },
+    },
+  },
+}
+```
+
+</details>
+
+<details>
+<summary><b>Q: Can I use it directly on Windows?</b></summary>
+
+OpenClaw officially strongly recommends using WSL2 on Windows. CFShare follows the same guidance — please use it within a WSL2 environment.
+
+</details>
+
+<details>
+<summary><b>Q: How do I verify the plugin installed correctly?</b></summary>
+
+```bash
+openclaw plugins list
+# You should see cfshare listed as enabled
+```
+
+Then tell the AI _"Run the cfshare environment check"_ — it will call `env_check` and return detailed status information.
+
+</details>
+
+---
+
+## 📄 License
+
+MIT © [ystemsrx](https://github.com/ystemsrx)

package/README.zh.md

@@ -0,0 +1,337 @@
+<h1 align="center">☁️ CFShare</h1>
+
+<p align="center">
+通过 Cloudflare 隧道安全地将本地文件与服务分享到公网
+</p>
+
+<p align="center">
+  <img src="https://img.shields.io/badge/平台-macOS_|_Linux_|_Windows_(WSL2)-9cf?style=flat-square" alt="平台">
+  <img src="https://img.shields.io/badge/Node-≥22-339933?style=flat-square&logo=node.js&logoColor=white" alt="Node">
+  <img src="https://img.shields.io/badge/OpenClaw-≥2026.1.29-E86D37?style=flat-square" alt="OpenClaw">
+  <img src="https://img.shields.io/badge/许可-MIT-97CA00?style=flat-square" alt="MIT">
+</p>
+
+<p align="center">
+  <strong>简体中文</strong>
+  &nbsp;|&nbsp;
+  <a href="./README.md">English</a>
+</p>
+
+---
+
+## 📖 这是什么？
+
+**CFShare** 是 [OpenClaw](https://github.com/openclaw/openclaw) 的社区插件，让你的 AI 助手能够：
+
+- 🔗 **一键将本地端口**暴露为临时公网 HTTPS 链接（`https://*.trycloudflare.com`）
+- 📁 **分享文件/目录**——自动起本地静态服务器 + 隧道，对方打开链接即可浏览/下载/预览（支持加密）
+- 🔒 **内置安全策略**——Token/Basic 认证、速率限制、端口黑名单、排除规则
+- ⏱️ **自动过期清理**——TTL 到期自动关闭隧道并删除临时文件
+
+> [!NOTE]
+> **无需 Cloudflare 账号**。CFShare 使用的是 [Cloudflare Quick Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/do-more-with-tunnels/trycloudflare/)（`trycloudflare.com`），完全免费、即开即用。
+
+---
+
+## 🏗️ 工作原理
+
+```mermaid
+flowchart LR
+    subgraph LOCAL["你的电脑"]
+        A["本地服务 / 文件"]
+        B["[可选] 反向代理<br/>(认证 + 限流)"]
+        C["cloudflared tunnel"]
+
+        A --> B
+        B --> C
+    end
+
+    C ==>|Cloudflare Quick Tunnel| D["https://xxx.trycloudflare.com"]
+    E["对方浏览器"] --> D
+```
+
+CFShare 在内部完成：路径校验 → 文件复制到临时目录 → 启动只读静态服务器 → 挂载认证/限流反代 → 开启 `cloudflared` 隧道 → 设置过期回收。你只需告诉 AI “我要分享什么”，它会帮你完成剩下的工作。
+
+---
+
+## 🚀 安装步骤
+
+### 第一步：确保已安装 OpenClaw
+
+如果你还没有安装 OpenClaw，请先完成安装：
+
+```bash
+# 安装 OpenClaw（需要 Node.js ≥ 22）
+npm install -g openclaw@latest
+
+# 运行初始化向导
+openclaw onboard --install-daemon
+```
+
+> [!TIP]
+> 如果你不确定 Node.js 版本，运行 `node -v` 检查。推荐使用 [nvm](https://github.com/nvm-sh/nvm) 管理版本。
+
+---
+
+### 第二步：安装 `cloudflared`
+
+CFShare 依赖 Cloudflare 的 `cloudflared` 命令行工具来创建隧道。
+
+<details>
+<summary><b>🍎 macOS</b></summary>
+
+```bash
+brew install cloudflare/cloudflare/cloudflared
+```
+
+</details>
+
+<details>
+<summary><b>🐧 Linux（Debian / Ubuntu）</b></summary>
+
+```bash
+curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
+echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list
+sudo apt-get update && sudo apt-get install cloudflared
+```
+
+</details>
+
+<details>
+<summary><b>🪟 Windows（WSL2 内操作）</b></summary>
+
+```bash
+# 在 WSL2 中：
+curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared
+chmod +x /usr/local/bin/cloudflared
+```
+
+或在 Windows 原生 PowerShell / CMD 中使用 winget：
+
+```powershell
+winget install --id Cloudflare.cloudflared
+```
+
+</details>
+
+**或者直接告诉 Agent 让他帮你安装**
+
+安装后验证：
+
+```bash
+cloudflared --version
+# 输出类似: cloudflared version 2025.x.x
+```
+
+> [!IMPORTANT]
+> 只需安装 `cloudflared`，**不需要**运行 `cloudflared tunnel login`。Quick Tunnel 无需账号认证。
+
+---
+
+### 第三步：安装 CFShare 插件
+
+**方式 A — 从 npm 安装（推荐）：**
+
+```bash
+openclaw plugins install @ystemsrx/cfshare
+```
+
+**方式 B — 从本地目录安装（适用于开发）：**
+
+如果你已经克隆了仓库：
+
+```bash
+# 先安装依赖
+cd /path/to/cfshare
+npm install
+
+# 链接到 OpenClaw（开发模式，不复制文件）
+openclaw plugins install -l .
+```
+
+---
+
+### 第四步：启用插件并重启 Gateway
+
+```bash
+# 启用插件
+openclaw plugins enable cfshare
+
+# 重启 Gateway 使插件生效
+openclaw gateway restart
+```
+
+> [!NOTE]
+> 如果你使用守护进程模式（`--install-daemon`），也可以通过 `openclaw restart` 重启。
+
+---
+
+## ⚙️ 配置（可选）
+
+CFShare 开箱即用，以下默认配置适合绝大多数场景。如需调整，编辑 `~/.openclaw/openclaw.json`：
+
+```json5
+{
+  plugins: {
+    entries: {
+      cfshare: {
+        enabled: true,
+        config: {
+          // 自定义配置（以下皆为可选项）
+        },
+      },
+    },
+  },
+}
+```
+
+### 可配置项速查
+
+| 配置项                     | 默认值                | 说明                           |
+| :------------------------- | :-------------------- | :----------------------------- |
+| `cloudflaredPath`          | `"cloudflared"`       | `cloudflared` 的路径或名称     |
+| `stateDir`                 | `~/.openclaw/cfshare` | 状态文件存储目录               |
+| `defaultTtlSeconds`        | `3600`（1 小时）      | 默认隧道存活时间               |
+| `maxTtlSeconds`            | `86400`（24 小时）    | 最大 TTL 上限                  |
+| `defaultExposePortAccess`  | `"token"`             | 端口暴露默认认证模式           |
+| `defaultExposeFilesAccess` | `"none"`              | 文件分享默认认证模式           |
+| `blockedPorts`             | `[22, 2375, 2376]`    | 禁止暴露的端口（SSH / Docker） |
+| `rateLimit.enabled`        | `true`                | 是否启用速率限制               |
+| `rateLimit.maxRequests`    | `240`                 | 每窗口期最大请求数             |
+| `rateLimit.windowMs`       | `60000`（1 分钟）     | 速率限制窗口（毫秒）           |
+
+> [!TIP]
+> **认证模式说明：**
+>
+> - `"token"` — 访问链接需要带 Token（适合暴露端口）
+> - `"basic"` — HTTP Basic 认证（用户名/密码）
+> - `"none"` — 无认证，任何人都可访问（适合临时分享文件）
+
+---
+
+## 💬 使用示例
+
+安装完成后，你可以直接对 AI 助手说自然语言，它会自动调用 CFShare 工具：
+
+### 获取 AI 处理好的文件
+
+> _按照 `{index}_{name}.{ext}` 的格式整理 `/mnt/data/students/` 下所有文件名，最后打包发我下载链接_
+
+Agent 会自动执行 `expose_files`，返回一个公网链接和过期时间。
+
+### 分享你的作品
+
+> _"用 Vue3+Vite 框架完成3D交互式太阳系模型，然后用链接分享给我朋友"_
+
+>_"帮我运行这个项目，最后把链接发我访问"_
+
+Agent 会创建项目并运行，然后通过 `expose_port` 创建隧道，让任何人都能通过一个链接访问。
+
+### 分享目录（带文件浏览器），可以在浏览器中预览图片/视频/文本等，也可以下载（支持加密）
+
+> _"加密分享目录 `~/Pictures/vacation`"_
+
+Agent 会用 `expose_files` 的 `preview` 模式创建带文件浏览器的分享页面，你需要拥有有效的 Token 才能访问。
+
+### 查看活跃分享
+
+> _"我现在有哪些正在分享的链接？"_
+
+### 停止分享
+
+> _"关掉所有正在分享的链接"_
+
+---
+
+## 🧰 工具一览
+
+CFShare 为 AI 注册了以下工具：
+
+| 工具            | 作用                                  |
+| :-------------- | :------------------------------------ |
+| `env_check`     | 检查 `cloudflared` 是否可用及当前策略 |
+| `expose_port`   | 暴露本地端口到公网                    |
+| `expose_files`  | 分享文件/目录（自动起静态服务器）     |
+| `exposure_list` | 列出所有活跃会话                      |
+| `exposure_get`  | 获取指定会话详情                      |
+| `exposure_stop` | 停止并清理指定/全部会话               |
+| `exposure_logs` | 查看会话日志                          |
+| `maintenance`   | TTL 守护 / 垃圾回收 / 策略更新        |
+| `audit_query`   | 查询审计日志                          |
+| `audit_export`  | 导出审计日志到文件                    |
+
+---
+
+## 🔐 安全设计
+
+<table>
+<tr><td>🛡️</td><td><b>默认安全</b></td><td>端口暴露默认开启 Token 认证 + 反向代理保护</td></tr>
+<tr><td>🚫</td><td><b>端口黑名单</b></td><td>SSH (22)、Docker Daemon (2375/2376) 默认禁止暴露</td></tr>
+<tr><td>⏳</td><td><b>自动过期</b></td><td>会话到期自动关闭隧道并删除临时文件</td></tr>
+<tr><td>📊</td><td><b>速率限制</b></td><td>Per-IP 滑动窗口限流（默认 240 次/分钟）</td></tr>
+<tr><td>📝</td><td><b>审计日志</b></td><td>所有操作记录到本地 JSONL 文件</td></tr>
+<tr><td>🙈</td><td><b>文件排除</b></td><td>自动排除 <code>.git/</code>、<code>.openclaw/</code>，并遵守 <code>.gitignore</code> 规则</td></tr>
+</table>
+
+---
+
+## ❓ 常见问题
+
+<details>
+<summary><b>Q: 需要 Cloudflare 付费账号吗？</b></summary>
+
+不需要。CFShare 使用 Cloudflare Quick Tunnel（`trycloudflare.com`），完全免费，无需注册账号。
+
+</details>
+
+<details>
+<summary><b>Q: 链接有效期多长？</b></summary>
+
+默认 1 小时，可通过配置或每次分享时指定（最长 7 天）。到期后自动销毁。
+
+</details>
+
+<details>
+<summary><b>Q: cloudflared 提示找不到怎么办？</b></summary>
+
+1. 确认 `cloudflared` 已安装：`cloudflared --version`
+2. 如果安装位置不在 `PATH` 中，在配置里指定完整路径：
+
+```json5
+{
+  plugins: {
+    entries: {
+      cfshare: {
+        config: { cloudflaredPath: "/usr/local/bin/cloudflared" },
+      },
+    },
+  },
+}
+```
+
+</details>
+
+<details>
+<summary><b>Q: 可以在 Windows 上直接用吗？</b></summary>
+
+OpenClaw 官方强烈推荐在 Windows 上使用 WSL2。CFShare 同样遵循此建议，请在 WSL2 环境中使用。
+
+</details>
+
+<details>
+<summary><b>Q: 如何验证插件是否安装成功？</b></summary>
+
+```bash
+openclaw plugins list
+# 应该能看到 cfshare 处于 enabled 状态
+```
+
+然后对 AI 说 _"运行 cfshare 环境检查"_，它会调用 `env_check` 并返回详细状态。
+
+</details>
+
+---
+
+## 📄 许可
+
+MIT © [ystemsrx](https://github.com/ystemsrx)