workers-security

Enhances Cloudflare Workers security with authentication, CORS, rate limiting, and input validation to protect APIs from vulnerabilities.

Install this skill

84/100

Security score

The workers-security skill was audited on Feb 9, 2026 and we found 8 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 74

Template literal with variable interpolation in command context

SourceSKILL.md

74	const data = new TextEncoder().encode(`${headerB64}.${payloadB64}`);

medium line 108

Template literal with variable interpolation in command context

SourceSKILL.md

108	const client = await env.KV.get(`apikey:${keyHash}`, 'json');

low line 73

Base64 decode via atob()

SourceSKILL.md

73	const signature = Uint8Array.from(atob(signatureB64.replace(/-/g, '+').replace(/_/g, '/')), c => c.charCodeAt(0));

low line 80

Base64 decode via atob()

SourceSKILL.md

80	const payload = JSON.parse(atob(payloadB64.replace(/-/g, '+').replace(/_/g, '/')));

low line 180

External URL reference

SourceSKILL.md

180	const ALLOWED_ORIGINS = ['https://app.example.com', 'https://admin.example.com'];

low line 228

External URL reference

SourceSKILL.md

228	- Security: https://developers.cloudflare.com/workers/platform/security/

low line 229

External URL reference

SourceSKILL.md

229	- WAF: https://developers.cloudflare.com/waf/

low line 230

External URL reference

SourceSKILL.md

230	- Rate Limiting: https://developers.cloudflare.com/workers/runtime-apis/bindings/rate-limit/

Scanned on Feb 9, 2026

View Security Dashboard

Installation guide →

GitHub Stars 106

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw backend backend-developer devops-sre security-engineer development

majiayu000/claude-skill-registry