Can it prevent SQL injection in Cloudflare D1?

Yes, the skill flags string concatenation in D1 queries and provides examples of how to implement secure prepared statements with bound parameters.

How does this skill handle secret management in Workers?

It identifies hardcoded secrets and improper use of process.env, instructing developers to use the env parameter and Wrangler secrets instead.

When does the Cloudflare Security Checker activate?

It triggers automatically when Claude detects authentication code, secret handling, API endpoint creation, database queries, or CORS configurations.

Does it support modern input validation libraries?

The skill actively promotes and validates input validation patterns using tools like Zod to ensure request bodies match expected schemas.

Cloudflare Security Checker

Name: Cloudflare Security Checker
Author: hirefrank

byhirefrank

•

보안 및 테스팅

Validates Cloudflare Workers security patterns in real-time to prevent vulnerabilities and enforce serverless best practices.

The Cloudflare Security Checker is a specialized skill designed to audit and secure Cloudflare Workers codebases throughout the development lifecycle. It automatically identifies critical security risks such as hardcoded secrets, SQL injection in D1 databases, and improper CORS configurations while providing context-aware remediation examples. By enforcing Workers-specific security standards and validating input patterns, this skill helps developers build resilient serverless applications and significantly reduces the overhead of manual security reviews.

주요 기능

01SQL injection prevention for Cloudflare D1 databases using prepared statements

02Automated checks for input validation patterns and payload size limits

032 GitHub stars

04Expert guidance on secure JWT handling and API key authentication

05Real-time identification of hardcoded secrets and improper environment variable usage

06Validation of Workers-specific CORS implementation and security headers

사용 사례

01Implementing robust authentication and authorization for serverless API endpoints

02Securing Cloudflare Workers before deployment to prevent sensitive data leaks

03Migrating legacy Node.js code to Workers by identifying incompatible process.env patterns

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hirefrank/hirefrank-marketplace cloudflare-security-checker

For use in Claude.ai and ChatGPT

Download Skill