Can it prevent SQL injection in Cloudflare D1?

Yes, the skill flags string concatenation in D1 queries and provides examples of how to implement secure prepared statements with bound parameters.

How does this skill handle secret management in Workers?

It identifies hardcoded secrets and improper use of process.env, instructing developers to use the env parameter and Wrangler secrets instead.

When does the Cloudflare Security Checker activate?

It triggers automatically when Claude detects authentication code, secret handling, API endpoint creation, database queries, or CORS configurations.

Does it support modern input validation libraries?

The skill actively promotes and validates input validation patterns using tools like Zod to ensure request bodies match expected schemas.

Cloudflare Security Checker

Name: Cloudflare Security Checker
Author: hirefrank

byhirefrank

•

보안 및 테스팅

Validates Cloudflare Workers security patterns in real-time to prevent vulnerabilities and enforce serverless best practices.

소개

The Cloudflare Security Checker is a specialized skill designed to audit and secure Cloudflare Workers codebases throughout the development lifecycle. It automatically identifies critical security risks such as hardcoded secrets, SQL injection in D1 databases, and improper CORS configurations while providing context-aware remediation examples. By enforcing Workers-specific security standards and validating input patterns, this skill helps developers build resilient serverless applications and significantly reduces the overhead of manual security reviews.

주요 기능

SQL injection prevention for Cloudflare D1 databases using prepared statements
Automated checks for input validation patterns and payload size limits
2 GitHub stars
Expert guidance on secure JWT handling and API key authentication
Real-time identification of hardcoded secrets and improper environment variable usage
Validation of Workers-specific CORS implementation and security headers

사용 사례

Implementing robust authentication and authorization for serverless API endpoints
Securing Cloudflare Workers before deployment to prevent sensitive data leaks
Migrating legacy Node.js code to Workers by identifying incompatible process.env patterns

소개

주요 기능

SQL injection prevention for Cloudflare D1 databases using prepared statements
Automated checks for input validation patterns and payload size limits
2 GitHub stars
Expert guidance on secure JWT handling and API key authentication
Real-time identification of hardcoded secrets and improper environment variable usage
Validation of Workers-specific CORS implementation and security headers

사용 사례

Implementing robust authentication and authorization for serverless API endpoints
Securing Cloudflare Workers before deployment to prevent sensitive data leaks
Migrating legacy Node.js code to Workers by identifying incompatible process.env patterns