Securie for Cloudflare — Workers + Pages checks

live

Check your Cloudflare Workers and Cloudflare Pages deployments the same way Securie checks Vercel deployments. The coverage is Cloudflare-specific: wrangler.toml binding-scope validation per environment, D1 SQL-injection detection, KV access audit, unbounded request-body-size checks, and WAF rule analysis.

Updated

What it does

Validates that wrangler.toml bindings are correctly scoped per environment (preview vs production D1, KV, R2, Durable Objects). Detects D1 queries using template-string concatenation (SQL injection risk). Flags Worker routes that accept unbounded request bodies (cost-explosion vector). Analyzes WAF rules for common misconfigurations. Catches Durable Object storage access without tenant scoping.

When to use it

Best fit: teams building on Cloudflare Workers + D1 + KV + R2. Particularly useful for edge-native stacks where most security is enforced at the platform layer — Securie catches the application-layer bugs that remain.

Limitations

Available by request. Current Cloudflare coverage is a subset of the Vercel integration; some Worker-specific features (Durable Object security patterns, Queues authentication) ship later. Requires GitHub-hosted repo.

Install

  1. Install the Securie GitHub App on your Workers repository when the integration is enabled
  2. Securie auto-detects wrangler.toml and Worker source files
  3. Every PR touching wrangler.toml or Worker code triggers the Cloudflare-specific maintenance check
  4. Findings appear as PR comments with the exact binding/code fix