How does it handle CORS configuration?

The skill includes specific templates for managing origin-based access control, allowing you to implement secure, whitelist-based CORS policies rather than using unsafe wildcard configurations.

How does this skill help with Cloudflare Workers security?

It provides standardized, production-ready patterns for authentication, input validation, and security headers, ensuring your serverless functions follow industry best practices and mitigate common vulnerabilities.

Does it support input validation?

Absolutely. It features integrated patterns for using Zod to strictly validate and sanitize incoming request bodies and parameters, preventing injection attacks.

Can I use this for JWT verification?

Yes, the skill includes optimized implementation patterns for JWT verification using the native Web Crypto API, specifically tailored for the Cloudflare Workers runtime environment.

Cloudflare Workers Security

Name: Cloudflare Workers Security
Author: secondsky

bysecondsky

•

Security & Testing

Implements production-ready security patterns for Cloudflare Workers including authentication, rate limiting, and input validation.

This skill provides comprehensive security configurations and implementation patterns for Cloudflare Workers, helping developers secure serverless APIs and applications against common vulnerabilities. It offers domain-specific guidance for implementing JWT verification using the Web Crypto API, managing API keys, and enforcing strict CORS policies. By integrating industry-standard practices like Zod-based input validation and automated security headers, this skill ensures your serverless infrastructure remains robust, compliant, and protected from XSS, injection, and unauthorized access.

Key Features

01JWT and API key authentication implementation

02Zod-powered input validation and sanitization

03Advanced CORS configuration and management

04Automated security header injection

05Pre-configured rate limiting to prevent DoS attacks

0621 GitHub stars

Use Cases

01Implementing robust JWT authentication for serverless web applications

02Configuring strict security headers to prevent XSS and clickjacking

03Securing a public-facing REST API built on Cloudflare Workers

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add secondsky/claude-skills cloudflare-workers-security

For use in Claude.ai and ChatGPT

Download Skill