workers-best-practices

The workers-best-practices skill assists developers in writing and reviewing Cloudflare Workers code by enforcing production standards, identifying anti-patterns, and validating configuration files against current documentation.

25.4K
Installs
4
Use cases
9/10
Quality

Is workers-best-practices safe to install?

Review the source first

Review the source first: our audit of workers-best-practices's source files found 4 shell commands, 2 external URLs, file reads and writes (high risk). Every command and URL listed appears verbatim in the skill's source. The skill executes shell commands to fetch external packages and run CLI tools, and it reads local project files including configuration and source code.

How we audit skills: our security review methodology.

Who is this skill for?

Developers building, reviewing, or configuring Cloudflare Workers.

What can you do with it?

  • Reviewing Worker code for anti-patterns like floating promises or global state.
  • Validating wrangler.jsonc configuration files.
  • Ensuring correct usage of Cloudflare Workers APIs and binding types.
  • Checking security practices such as crypto usage and secret handling.

How good is this skill?

Quality score: 9/10. The skill provides clear, actionable rules and a structured workflow. It correctly emphasizes retrieval over static knowledge. The tool surface is well-defined.

What does the skill file contain?

SKILL.md
Your knowledge of Cloudflare Workers APIs, types, and configuration may be outdated. **Prefer retrieval over pre-training** for any Workers code task — writing or reviewing.

## Retrieval Sources

Fetch the **latest** versions before writing or reviewing Workers code. Do not rely on baked-in knowledge for API signatures, config fields, or binding shapes.

| Source | How to retrieve | Use for |
|--------|----------------|---------|
| Workers best practices | Fetch `https://developers.cloudflare.com/workers/best-practices/workers-best-practices/` | Canonical rules, patterns, anti-patterns |
| Wo...

Frequently asked questions

Does this skill rely on pre-trained knowledge for API signatures?

No. The skill mandates fetching the latest versions of Workers types and documentation to avoid reliance on outdated pre-trained information.

How should I handle secrets in my Worker configuration?

Use the wrangler secret put command. Never hardcode secrets in configuration files or source code.

What should I do if I encounter a floating promise?

Ensure every Promise is awaited, returned, voided, or passed to ctx.waitUntil().

Data sourced from cloudflare/skills on GitHub. Install counts from skills.sh. The summary and security audit are derived from the skill's source files: every command and URL listed appears verbatim in the source.

Related skills

openclaw-secure-linux-cloud

270.1K

Users deploying OpenClaw on remote Linux cloud servers or VMs who require secure, hardened configurations

This skill provides a secure deployment and hardening framework for self-hosting OpenClaw on Linux cloud servers. It prioritizes private control planes, loopback binding, and SSH tunneling over public exposure.

lowsecuritylinuxxixu-me

find-skills

225.2K

Users and AI agents seeking to discover, evaluate, and install third-party agent skills from public registries

The find-skills skill searches multiple agent skill registries (skills.sh, clawhub.ai, and GitHub) in parallel to help users discover, vet, and install relevant agent capabilities. It provides a comparative report based on native popularity metrics, performs a heuristic security scan on top candidates, and flags skills already present on the user's system.

highsearchdiscoveryagentspace-so

caveman-review

219.4K

Developers and reviewers who prefer terse, actionable feedback on code changes

The caveman-review skill generates concise, one-line code review comments for pull requests. It enforces a strict format of location, problem, and fix to reduce noise in feedback.

nonecode-reviewproductivityjuliusbrussee

requesting-code-review

164.6K

Developers using subagent-driven development workflows who need to verify code quality and requirements adherence

This skill provides a structured process for dispatching a subagent to perform code reviews on specific git commits. It mandates reviews after task completion, feature implementation, and before merging code.

highcode-reviewgitobra