Automatically validates Cloudflare Workers security patterns during development, ensuring proper secret management, CORS configuration, and input validation
View on GitHub: hirefrank/hirefrank-marketplace
edge-stack
January 16, 2026
```
npx add-skill https://github.com/hirefrank/hirefrank-marketplace/blob/main/plugins/edge-stack/skills/cloudflare-security-checker/SKILL.md -a claude-code --skill cloudflare-security-checker
```
Installation paths:
`.claude/skills/cloudflare-security-checker/`
# Cloudflare Security Checker SKILL
## Activation Patterns
This SKILL automatically activates when:
- Authentication or authorization code is detected
- Secret management patterns are used
- API endpoints or response creation is implemented
- Database queries (D1) are written
- CORS-related code is added
- Input validation patterns are implemented
## Expertise Provided
### Workers-Specific Security Validation
- **Secret Management**: Ensures proper `env` parameter usage vs hardcoded secrets
- **CORS Configuration**: Validates Workers-specific CORS implementation
- **Input Validation**: Checks for proper request validation patterns
- **SQL Injection Prevention**: Ensures D1 prepared statements
- **Authentication Patterns**: Validates JWT and API key handling
- **Rate Limiting**: Identifies missing rate limiting patterns
### Specific Checks Performed
#### ❌ Critical Security Violations
```typescript
// These patterns trigger immediate alerts:
const API_KEY = "sk_live_xxx"; // Hardcoded secret
const secret = process.env.JWT_SECRET; // process.env doesn't exist
const query = `SELECT * FROM users WHERE id = ${userId}`; // SQL injection
```
#### ✅ Secure Workers Patterns
```typescript
// These patterns are validated as correct:
const apiKey = env.API_KEY; // Proper env parameter
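// bind() only attaches the parameter; first() executes the statement and returns the row (or null)
const result = await env.DB.prepare('SELECT * FROM users WHERE id = ?').bind(userId).first(); // Prepared statement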
```
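The critical patterns above can be caught with a simple static pass over Worker source. The following is an added example, not the SKILL's own implementation; the rule names, regexes and the `scanWorkerSource` function are assumptions for illustration.

```typescript
// Added example: line-based scanner for the three critical patterns above.
// Rule names and regexes are illustrative assumptions, not the SKILL's own rules.
type Finding = { line: number; rule: string; text: string };

const RULES: { rule: string; pattern: RegExp }[] = [
  // A quoted literal (8+ chars) assigned to a secret-looking identifier.
  { rule: "hardcoded-secret",
    pattern: /\b\w*(api_?key|secret|token|password)\w*\s*[:=]\s*["'`][^"'`]{8,}["'`]/i },
  // Node-style environment access instead of the Worker's env binding.
  { rule: "process-env", pattern: /\bprocess\.env\b/ },
  // A template literal that holds SQL and interpolates a value with ${...}.
  { rule: "sql-interpolation",
    pattern: /`[^`]*\b(select|insert|update|delete)\b[^`]*\$\{[^`]*`/i },
];

// Heuristic: drop trailing // comments (not "://" inside URLs) before matching.
// Multi-line template literals are out of scope for this line-based sketch.
function scanWorkerSource(source: string): Finding[] {
  const findings: Finding[] = [];
  source.split("\n").forEach((raw, i) => {
    const code = raw.replace(/(^|\s)\/\/.*$/, "");
    for (const { rule, pattern } of RULES) {
      if (pattern.test(code)) findings.push({ line: i + 1, rule, text: code.trim() });
    }
  });
  return findings;
}

// Constructed sample, modeled on the page's violating lines and its secure forms.
const SAMPLE = [
  'const API_KEY = "sk_live_xxx"; // Hardcoded secret',
  "const secret = process.env.JWT_SECRET;",
  'const query = `SELECT * FROM users WHERE id = ${userId}`;',
  "const apiKey = env.API_KEY;",
  "const row = await env.DB.prepare('SELECT * FROM users WHERE id = ?').bind(userId).first();",
].join("\n");

console.log(scanWorkerSource(SAMPLE).map((f) => `${f.line}: ${f.rule}`));
```

The first three sample lines are flagged and the two `env`-based lines pass; a regex pass like this is a pre-commit tripwire and does not replace review of how `env` values and query parameters flow through the Worker.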
## Integration Points
### Complementary to Existing Components
- **cloudflare-security-sentinel agent**: Handles comprehensive security audits, while this SKILL provides immediate validation
- **workers-runtime-validator SKILL**: Complements runtime checks with security-specific validation
- **es-deploy command**: SKILL prevents deployment of insecure code
### Escalation Triggers
- Complex security architecture questions → `cloudflare-security-sentinel` agent
- Advanced authentication patterns → `cloudflare-architecture-strategist` agent
- Security incident res