Setup
On first use, read setup.md to align activation boundaries, provider preferences, and approval rules before any registration, transfer, or renewal action.
When to Use
Use this skill when the user needs domain registration operations across major providers and must choose between API automation and dashboard execution.
Use this for first-time registration, transfer planning, renewals, ownership checks, DNS handoff, and registrar security hardening where billing and service continuity are high impact.
Architecture
Memory lives in ~/domain-registration/. See memory-template.md for structure and status values.
CODEBLOCK0
Quick Reference
Use the smallest file needed for the current task.
| Topic | File |
|---|
| Setup and activation behavior | INLINECODE3 |
| Memory structure and status model |
memory-template.md |
| Provider API and dashboard matrix |
provider-matrix.md |
| New registration workflows by provider |
registration-playbooks.md |
| Transfer and renewal execution patterns |
transfer-renewal.md |
| DNS and account security controls |
dns-security-controls.md |
Provider Coverage
This skill covers API and dashboard workflows for major domain providers.
| Provider | API Coverage | Dashboard Coverage | Primary Use Notes |
|---|
| GoDaddy | Public Domains API | Yes | Broad retail registrar operations |
| Namecheap |
XML API | Yes | Domain lifecycle plus full DNS replace patterns |
| Route 53 Domains (AWS) | AWS Route53Domains API | Yes | Enterprise workflows via IAM-scoped automation |
| Cloudflare Registrar | DNS and zone API + registrar-adjacent ops | Yes | Registration lifecycle mostly dashboard-driven |
| Google Cloud Domains | Cloud Domains API | Yes | Portfolio management in Google Cloud projects |
| Squarespace Domains | No public registrar API | Yes | Dashboard-only lifecycle for Google Domains migrations |
| Dynadot | Public API | Yes | Cost-efficient registration and renewal workflows |
| Porkbun | Public JSON API | Yes | Fast API-first retail and small portfolio use |
| Name.com | Public REST API | Yes | Programmatic registration and transfer actions |
| Gandi | Public v5 API | Yes | EU-focused registrar and DNS lifecycle controls |
| OVHcloud Domains | Public API | Yes | Regional portfolio with API-backed operations |
| Tucows OpenSRS / Enom | Reseller APIs | Yes (reseller panels) | Reseller and wholesale portfolio operations |
Core Rules
1. Classify Provider and Interface Before Planning
- - Identify registrar, account context, and whether the operation should run via API or dashboard.
- If API support is partial, split execution clearly: API for read/validation, dashboard for billing-sensitive writes.
2. Run Registration Preflight Every Time
- - Validate domain availability from the target registrar directly, then confirm TLD rules, premium status, and renewal price.
- Confirm legal/trademark risk and required contact profile before submitting payment actions.
3. Choose the Lowest-Risk Execution Path
- - Prefer API for repeatable bulk operations with audit logs; prefer dashboard when provider APIs do not expose required lifecycle steps.
- For first-time provider usage, run one-domain pilot before any batch purchase or transfer.
4. Gate Billing and Ownership Actions with Explicit Confirmation
- - Registration, transfer, auto-renew changes, and WHOIS contact writes need explicit user confirmation.
- Confirm domain list, years, currency impact, and ownership target before execution.
5. Preserve Rollback State Before Mutating DNS or Nameservers
- - Snapshot current DNS and nameserver state before transfer or registrar migration.
- Keep rollback-ready records so the prior state can be restored quickly if propagation or ownership validation fails.
6. Enforce Registrar Security Baseline Post-Registration
- - Enable account 2FA, registrar lock, and renewal monitoring immediately after successful purchase or transfer.
- Add DNSSEC only after authoritative DNS compatibility is confirmed for the target provider.
7. Verify Outcomes and Log Durable Context
- - Verify success with provider API/dashboard confirmation plus resolver-level checks (
dig, WHOIS status, nameserver visibility). - Update
~/domain-registration/ memory files with provider choice, lifecycle dates, and known edge cases.
Common Traps
- - Treating all providers as API-equivalent -> missing lifecycle steps because some registrars are dashboard-only for critical actions.
- Skipping premium renewal checks -> surprise annual billing that exceeds initial purchase assumptions.
- Running batch registration without one-domain pilot -> multiplied failures from bad contact, tax, or payment configuration.
- Forgetting 60-day transfer lock rules -> transfer plans fail despite valid auth codes.
- Replacing DNS records without full snapshot -> incomplete rollback during cutover incidents.
- Enabling DNSSEC before DS/zone readiness -> domain resolution failures after migration.
- Leaving domains without renewal monitoring -> avoidable expiration and brand abuse risk.
External Endpoints
| Endpoint | Data Sent | Purpose |
|---|
| https://api.godaddy.com | Domain queries, registration and management payloads | GoDaddy API lifecycle operations |
| https://sso.godaddy.com |
Authenticated account actions | GoDaddy dashboard operations |
| https://api.namecheap.com/xml.response | Domain and DNS XML parameters | Namecheap API actions |
| https://ap.www.namecheap.com | Account and billing interactions | Namecheap dashboard operations |
| https://route53domains.us-east-1.amazonaws.com | Domain lifecycle API payloads via AWS signatures | Route 53 Domains automation |
| https://console.aws.amazon.com | Account and domain dashboard actions | AWS console execution and validation |
| https://api.cloudflare.com | Zone and registrar-adjacent configuration payloads | Cloudflare DNS and registrar workflow support |
| https://dash.cloudflare.com | Registrar and account dashboard actions | Cloudflare registrar lifecycle tasks |
| https://domains.googleapis.com | Cloud Domains API requests | Google Cloud Domains operations |
| https://console.cloud.google.com | Cloud Domains dashboard actions | Google Cloud portfolio management |
| https://account.squarespace.com | Account and domain dashboard interactions | Squarespace Domains lifecycle actions |
| https://api.dynadot.com | Domain command parameters | Dynadot API operations |
| https://porkbun.com/api/json/v3 | Domain and DNS JSON payloads | Porkbun API lifecycle operations |
| https://api.name.com | Domain, DNS, and transfer payloads | Name.com API actions |
| https://api.gandi.net | Domain and DNS JSON payloads | Gandi v5 API operations |
| https://api.ovh.com | Domain lifecycle API payloads | OVHcloud domain operations |
| https://api.opensrs.com | Reseller domain payloads | Tucows OpenSRS operations |
| https://reseller.enom.com/interface.asp | Reseller panel interactions | Enom dashboard and reseller lifecycle actions |
No other data is sent externally.
Security & Privacy
Data that leaves your machine:
- - Registrar API requests and dashboard session traffic needed for domain lifecycle operations.
- Domain names, contact metadata, and operation parameters required by selected providers.
Data that stays local:
- - Operational preferences and provider context in
~/domain-registration/. - Change history, rollback state references, and incident notes.
This skill does NOT:
- - Execute undeclared endpoints.
- Approve billing-impacting domain actions without explicit confirmation.
- Store credentials in skill files.
- Bypass provider security or anti-abuse controls.
Trust
This skill can send domain lifecycle data to third-party registrar services when the user approves execution.
Only install if you trust the selected providers and local credential handling practices.
Related Skills
Install with
clawhub install <slug> if user confirms:
- -
dns - DNS records, propagation behavior, and incident troubleshooting - INLINECODE14� - API request design, authentication, and failure handling
- INLINECODE15� - Hosting cutovers coordinated with domain and DNS transitions
- INLINECODE16� - Certificate validation and HTTPS recovery after DNS or registrar changes
- INLINECODE17� - Environment architecture and operations runbooks
Feedback
- - If useful: �INLINECODE18
- Stay updated: �INLINECODE19
设置
首次使用时,请阅读 setup.md,以在发起任何注册、转移或续费操作前,对齐激活边界、提供商偏好和审批规则。
使用时机
当用户需要在主要提供商之间进行域名注册操作,并且必须在API自动化和控制面板执行之间做出选择时,使用此技能。
在首次注册、转移规划、续费、所有权检查、DNS交接以及注册商安全加固(这些场景下计费和服务连续性影响重大)时使用。
架构
记忆文件位于 ~/domain-registration/。有关结构和状态值,请参阅 memory-template.md。
text
~/domain-registration/
|-- memory.md # 提供商偏好、风险边界和审批模型
|-- inventory.md # 域名清单、提供商、到期日和锁定状态
|-- changes.md # 注册、转移和续费操作日志
|-- providers.md # 账户别名、API就绪状态和控制面板访问说明
-- incidents.md # 失败的转移、续费遗漏和缓解历史记录
快速参考
为当前任务使用所需的最小文件。
| 主题 | 文件 |
|---|
| 设置和激活行为 | setup.md |
| 记忆结构和状态模型 |
memory-template.md |
| 提供商API和控制面板矩阵 | provider-matrix.md |
| 按提供商划分的新注册工作流程 | registration-playbooks.md |
| 转移和续费执行模式 | transfer-renewal.md |
| DNS和账户安全控制 | dns-security-controls.md |
提供商覆盖范围
此技能涵盖主要域名提供商的API和控制面板工作流程。
| 提供商 | API覆盖范围 | 控制面板覆盖范围 | 主要用途说明 |
|---|
| GoDaddy | 公共域名API | 是 | 广泛的零售注册商操作 |
| Namecheap |
XML API | 是 | 域名生命周期加上完整的DNS替换模式 |
| Route 53 Domains (AWS) | AWS Route53Domains API | 是 | 通过IAM限定的自动化实现企业工作流程 |
| Cloudflare Registrar | DNS和区域API + 注册商相关操作 | 是 | 注册生命周期主要通过控制面板驱动 |
| Google Cloud Domains | Cloud Domains API | 是 | Google Cloud项目中的投资组合管理 |
| Squarespace Domains | 无公共注册商API | 是 | 仅控制面板的生命周期,用于Google Domains迁移 |
| Dynadot | 公共API | 是 | 经济高效的注册和续费工作流程 |
| Porkbun | 公共JSON API | 是 | 快速的API优先零售和小型投资组合使用 |
| Name.com | 公共REST API | 是 | 程序化注册和转移操作 |
| Gandi | 公共v5 API | 是 | 专注于欧盟的注册商和DNS生命周期控制 |
| OVHcloud Domains | 公共API | 是 | 具有API支持操作的区域性投资组合 |
| Tucows OpenSRS / Enom | 经销商API | 是(经销商面板) | 经销商和批发投资组合操作 |
核心规则
1. 在规划前对提供商和接口进行分类
- - 识别注册商、账户上下文,以及操作应通过API还是控制面板执行。
- 如果API支持不完整,明确划分执行:API用于读取/验证,控制面板用于计费敏感的写入操作。
2. 每次执行注册预检
- - 直接从目标提供商验证域名可用性,然后确认TLD规则、溢价状态和续费价格。
- 在提交付款操作前,确认法律/商标风险和所需的联系资料。
3. 选择风险最低的执行路径
- - 对于具有审计日志的可重复批量操作,优先使用API;当提供商API未暴露所需生命周期步骤时,优先使用控制面板。
- 首次使用提供商时,在进行任何批量购买或转移前,先运行单域名试点。
4. 对计费和所有权操作设置明确确认门槛
- - 注册、转移、自动续费更改和WHOIS联系信息写入需要用户明确确认。
- 在执行前确认域名列表、年限、货币影响和所有权目标。
5. 在变更DNS或名称服务器前保留回滚状态
- - 在转移或注册商迁移前,快照当前DNS和名称服务器状态。
- 保留可随时回滚的记录,以便在传播或所有权验证失败时快速恢复先前状态。
6. 注册后强制执行注册商安全基线
- - 在成功购买或转移后,立即启用账户双因素认证、注册商锁定和续费监控。
- 仅在确认目标提供商的权威DNS兼容性后,才添加DNSSEC。
7. 验证结果并记录持久上下文
- - 通过提供商API/控制面板确认以及解析器级别检查(dig、WHOIS状态、名称服务器可见性)验证成功。
- 使用提供商选择、生命周期日期和已知边缘情况更新 ~/domain-registration/ 记忆文件。
常见陷阱
- - 将所有提供商视为API等效 -> 由于某些注册商对关键操作仅支持控制面板,导致遗漏生命周期步骤。
- 跳过溢价续费检查 -> 年度计费意外超出初始购买假设。
- 未进行单域名试点即运行批量注册 -> 因错误的联系人、税务或付款配置导致故障倍增。
- 忘记60天转移锁定规则 -> 尽管有有效的授权码,转移计划仍失败。
- 未进行完整快照即替换DNS记录 -> 切换事件期间回滚不完整。
- 在DS/区域就绪前启用DNSSEC -> 迁移后域名解析失败。
- 让域名处于无续费监控状态 -> 可避免的到期和品牌滥用风险。
外部端点
| 端点 | 发送的数据 | 目的 |
|---|
| https://api.godaddy.com | 域名查询、注册和管理负载 | GoDaddy API生命周期操作 |
| https://sso.godaddy.com |
经过身份验证的账户操作 | GoDaddy控制面板操作 |
| https://api.namecheap.com/xml.response | 域名和DNS XML参数 | Namecheap API操作 |
| https://ap.www.namecheap.com | 账户和计费交互 | Namecheap控制面板操作 |
| https://route53domains.us-east-1.amazonaws.com | 通过AWS签名的域名生命周期API负载 | Route 53 Domains自动化 |
| https://console.aws.amazon.com | 账户和域名控制面板操作 | AWS控制台执行和验证 |
| https://api.cloudflare.com | 区域和注册商相关配置负载 | Cloudflare DNS和注册商工作流程支持 |
| https://dash.cloudflare.com | 注册商和账户控制面板操作 | Cloudflare注册商生命周期任务 |
| https://domains.googleapis.com | Cloud Domains API请求 | Google Cloud Domains操作 |
| https://console.cloud.google.com | Cloud Domains控制面板操作 | Google Cloud投资组合管理 |
| https://account.squarespace.com | 账户和域名控制面板交互 | Squarespace Domains生命周期操作 |
| https://api.dynadot.com | 域名命令参数 | Dynadot API操作 |
| https://porkbun.com/api/json/v3 | 域名和DNS JSON负载 | Porkbun API生命周期操作 |
| https://api.name.com | 域名、DNS和转移负载 | Name.com API操作 |
| https://api.gandi.net | 域名和DNS JSON负载 | Gandi v5 API操作 |
| https://api.ovh.com | 域名生命周期API负载 | OVHcloud域名操作 |
| https://api.opensrs.com | 经销商域名负载 | Tucows OpenSRS操作 |
| https://reseller.enom.com/interface.asp | 经销商面板交互 | Enom控制面板和经销商生命周期操作 |
不会向外部发送其他数据。
安全与隐私
离开您机器的数据:
- - 域名生命周期操作所需的注册商API请求和控制面板会话流量。
- 所选提供商所需的域名、联系元数据和操作参数。
保留在本地数据:
- - ~/domain-registration/ 中的操作偏好和提供商上下文。
- 变更历史、回滚状态引用和事件记录。
此技能不会:
- - 执行未声明的端点。
- 未经明确确认批准影响计费的域名操作。
- 在技能文件中存储凭据。
- 绕过提供商安全或反滥用控制。
信任
当用户批准执行时,此技能可以将域名生命周期数据发送给第三方注册商服务。
仅当您信任所选提供商和本地凭据处理实践时才安装。
相关技能
如果用户确认,使用 clawhub install
安装:
- - dns - DNS记录、传播行为和事件故障排除
- api - API请求设计、身份验证和故障处理
- hosting - 与域名和DNS转换协调的主机切换
- ssl - DNS或注册商更改后的证书验证和HTTPS恢复
- infrastructure - 环境架构和操作运行手册
反馈
- - 如果有用:clawhub star domain-registration
- 保持更新:clawhub sync
