This handles the security fundamentals you need for Cloudflare Workers: JWT and API key authentication, input validation with Zod, rate limiting, CORS configuration, and security headers. It includes working code for verifying tokens with crypto.subtle, hashing API keys, and a practical checklist of the top 10 vulnerabilities like SQL injection, XSS, and secrets exposure. Use it when you're building an API that needs auth, debugging CORS errors, or hardening a worker against common attacks. The templates give you drop-in middleware for auth and rate limiting. Honestly, it's less about novel techniques and more about having the boilerplate done right so you don't ship something with missing headers or weak token validation.
npx skills add https://github.com/secondsky/claude-skills --skill cloudflare-workers-security