How does this skill help with staging environments?

The skill identifies common security gaps where staging or dev subdomains are publicly exposed and provides configuration templates to secure them using Cloudflare Access policies restricted to your team.

How does it detect unprotected admin routes?

It uses sophisticated path heuristics and route analysis to find sensitive endpoints like /admin or /internal that lack required authentication middleware or Access policies.

Does it support Infrastructure as Code tools like Terraform?

Yes, the skill provides quick-fix remediation examples in both Terraform (HCL) and Cloudflare Wrangler configuration formats.

What information is included in the audit report?

The audit report categorizes findings by severity (Critical, High, Medium, Low), lists specific affected routes, explains the risk, and provides a direct path to remediation.

Can it help with machine-to-machine authentication?

Yes, it provides specific implementation patterns and code snippets for using service tokens and mTLS to secure communication between Workers or from external CI/CD tools.

Cloudflare Zero Trust Security Audit

Name: Cloudflare Zero Trust Security Audit
Author: littlebearapps

bylittlebearapps

0•

Seguridad y Pruebas

Audits and secures Cloudflare deployments by identifying access gaps and implementing Zero Trust policies across all environments.

This skill empowers Claude to function as a Senior Cloudflare Security Engineer, providing a systematic approach to identifying and remediating security vulnerabilities. It focuses on auditing Cloudflare Access policies, verifying environment protection for staging and development routes, and implementing advanced authentication like mTLS and service tokens. By analyzing route configurations and account metadata, it helps users eliminate common risks such as exposed admin routes, public preview deployments, and weak session management, providing actionable remediation steps through Wrangler, Terraform, or TypeScript code.

Características Principales

01Actionable audit reports with prioritized remediation steps

02Identification of unprotected staging, dev, and admin routes

03Implementation patterns for mTLS and service token authentication

040 GitHub stars

05Detailed Cloudflare Access policy verification and auditing

06Automated environment discovery and risk assessment matrix

Casos de Uso

01Implementing machine-to-machine authentication for CI/CD and Worker-to-Worker communication

02Securing exposed staging or development environments with team-based Access policies

03Performing security audits on sensitive internal API routes to ensure Zero Trust compliance

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add littlebearapps/cloudflare-engineer zero-trust

For use in Claude.ai and ChatGPT

Características Principales

01Actionable audit reports with prioritized remediation steps

02Identification of unprotected staging, dev, and admin routes

03Implementation patterns for mTLS and service token authentication

040 GitHub stars

05Detailed Cloudflare Access policy verification and auditing

06Automated environment discovery and risk assessment matrix

Casos de Uso

01Implementing machine-to-machine authentication for CI/CD and Worker-to-Worker communication

02Securing exposed staging or development environments with team-based Access policies

03Performing security audits on sensitive internal API routes to ensure Zero Trust compliance