{
  "id": "review-ai-generated-cloudflare-workers",
  "type": "checklists",
  "category": "checklists",
  "locale": "zh",
  "url": "/zh/checklists/review-ai-generated-cloudflare-workers",
  "title": "Checklist for Reviewing AI-Generated Cloudflare Workers",
  "description": "A human review checklist for Cloudflare Workers code written by AI coding agents: runtime limits, KV, D1, bindings, and edge security.",
  "tools": [
    "Cursor",
    "Claude Code",
    "Codex",
    "Windsurf"
  ],
  "stack": [
    "Cloudflare",
    "TypeScript"
  ],
  "tags": [
    "cloudflare",
    "review",
    "security",
    "typescript",
    "deploy"
  ],
  "difficulty": null,
  "updated": "2026-06-08",
  "markdown": "The Cloudflare Workers runtime is neither Node.js nor a browser. AI agents trained on Node.js code will call APIs that fail silently at the edge or are missing entirely.\n\n## Correctness\n\n```txt\n[ ] Worker exports a fetch handler with the correct signature: (request, env, ctx)\n[ ] No use of Node.js built-ins — no fs, path, os, net, child_process, or crypto from 'node:crypto' without the nodejs_compat flag\n[ ] crypto.randomUUID() and crypto.subtle are accessed via the global — not imported\n[ ] setTimeout and setInterval are used only for short delays — no long-running timers\n[ ] ctx.waitUntil() wraps any async work that must complete after the response is sent\n[ ] All bindings (KV, D1, R2, Queue, AI) are accessed via env, not as module-level globals\n[ ] Durable Object stubs are obtained via env.MY_DO.idFromName() or idFromString() — not constructed directly\n[ ] Durable Object state.storage calls are awaited — they are async\n[ ] R2 object body is consumed — unclosed readable streams cause memory leaks\n[ ] Scheduled handlers export a scheduled() function, not fetch()\n[ ] wrangler.toml [vars] only holds non-secret config — secrets go in wrangler secret put\n[ ] No top-level await outside of module scope — Workers support it but some bundlers break it\n```\n\n## Security\n\n```txt\n[ ] Incoming requests validate the Content-Type header before parsing the body\n[ ] User-supplied values are not interpolated into KV key names without sanitization\n[ ] D1 queries use parameterized bindings — no string concatenation for SQL\n[ ] CORS headers on cross-origin endpoints are explicit and not set to * for credentialed requests\n[ ] Secrets are read from env, never hardcoded in source or wrangler.toml [vars]\n[ ] Webhook endpoints verify signatures (e.g. Stripe-Signature, X-Hub-Signature-256) before processing\n[ ] Responses do not leak internal error stack traces — catch and return generic 500\n[ ] Auth tokens from headers are validated server-side — not just decoded and trusted\n[ ] KV keys containing user IDs are namespaced per tenant to prevent cross-tenant reads\n[ ] Queue consumers validate message shape before processing — malformed messages can DLQ-loop\n```\n\n## Performance\n\n```txt\n[ ] CPU time stays under 10ms for free tier, 30ms for paid — no synchronous heavy computation\n[ ] KV reads in hot paths use the cache TTL parameter to avoid remote fetches on every request\n[ ] D1 queries are batched with db.batch() where possible to reduce round trips\n[ ] Large response bodies are streamed — do not buffer multi-MB payloads in memory\n[ ] Assets served from R2 set Cache-Control headers and use cf.cacheEverything where applicable\n[ ] No N+1 KV or D1 calls inside a loop — batch or restructure data access\n[ ] fetch() calls to external services set an AbortController timeout\n[ ] Worker bundle size is under 1 MB compressed — verify with wrangler deploy --dry-run\n```\n\n## Deployment\n\n```txt\n[ ] wrangler.toml account_id and zone_id do not contain real values in source control\n[ ] All KV namespaces and D1 databases referenced in wrangler.toml are created in the dashboard\n[ ] Routes in wrangler.toml match the intended host pattern — trailing /* is often required\n[ ] compatibility_date is set and up-to-date — behavior changes with each compat date\n[ ] nodejs_compat flag is enabled in wrangler.toml when using node: imports\n[ ] Preview deployments use separate KV namespace bindings from production\n[ ] Secrets are set in both production and preview environments via wrangler secret put --env\n[ ] Worker name in wrangler.toml does not collide with an existing production Worker\n```\n\n## AI-Specific Risks\n\n```txt\n[ ] AI has not used process.env — environment in Workers is env parameter, not process.env\n[ ] AI has not used require() — Workers use ES modules\n[ ] AI has not used __dirname or __filename — not available in the Workers runtime\n[ ] AI has not used Buffer — use Uint8Array or TextEncoder/TextDecoder instead\n[ ] AI has not fabricated KV methods — only get, put, delete, list, and getWithMetadata exist\n[ ] AI has not used D1 syntax from a different SQLite driver (e.g. better-sqlite3)\n[ ] AI has not assumed fetch() returns a Node.js IncomingMessage — it returns a Web API Response\n[ ] Hono, itty-router, or other framework version is current — AI may use deprecated APIs\n```\n\n## Fix Prompt\n\n```txt title=\"Fix Prompt\"\nReview this Cloudflare Worker against the checklist above. Replace any Node.js\nAPIs with Web API equivalents, parameterize all D1 queries, move secrets to\nenv, and add ctx.waitUntil() for background work. Ensure the wrangler.toml\nbindings match what the code reads from env. Return the corrected Worker and\nupdated wrangler.toml.\n```"
}