update skills

2026-03-21 18:11:27 -07:00 · 2026-03-17 16:53:22 -07:00
parent 0b0783ef8e
commit f9a530667e
389 changed files with 54512 additions and 1 deletions
--- a/.agents/skills/cloudflare-deploy/references/secrets-store/README.md
+++ b/.agents/skills/cloudflare-deploy/references/secrets-store/README.md
@@ -0,0 +1,74 @@
+# Cloudflare Secrets Store
+
+Account-level encrypted secret management for Workers and AI Gateway.
+
+## Overview
+
+**Secrets Store**: Centralized, account-level secrets, reusable across Workers
+**Worker Secrets**: Per-Worker secrets (`wrangler secret put`)
+
+### Architecture
+
+- **Store**: Container (1/account in beta)
+- **Secret**: String ≤1024 bytes
+- **Scopes**: Permission boundaries controlling access
+  - `workers`: For Workers runtime access
+  - `ai-gateway`: For AI Gateway access
+  - Secrets must have correct scope for binding to work
+- **Bindings**: Connect secrets via `env` object
+
+**Regional Availability**: Global except China Network (unavailable)
+
+### Access Control
+
+- **Super Admin**: Full access
+- **Admin**: Create/edit/delete secrets, view metadata
+- **Deployer**: View metadata + bindings
+- **Reporter**: View metadata only
+
+API Token permissions: `Account Secrets Store Edit/Read`
+
+### Limits (Beta)
+
+- 100 secrets/account
+- 1 store/account
+- 1024 bytes max/secret
+- Production secrets count toward limit
+
+## When to Use
+
+**Use Secrets Store when:**
+- Multiple Workers share same credential
+- Centralized management needed
+- Compliance requires audit trail
+- Team collaboration on secrets
+
+**Use Worker Secrets when:**
+- Secret unique to one Worker
+- Simple single-Worker project
+- No cross-Worker sharing needed
+
+## In This Reference
+
+### Reading Order by Task
+
+| Task | Start Here | Then Read |
+|------|------------|-----------|
+| Quick overview | README.md | - |
+| First-time setup | README.md → configuration.md | api.md |
+| Add secret to Worker | configuration.md | api.md |
+| Implement access pattern | api.md | patterns.md |
+| Debug errors | gotchas.md | api.md |
+| Secret rotation | patterns.md | configuration.md |
+| Best practices | gotchas.md | patterns.md |
+
+### Files
+
+- [configuration.md](./configuration.md) - Wrangler commands, binding config
+- [api.md](./api.md) - Binding API, get/put/delete operations
+- [patterns.md](./patterns.md) - Rotation, encryption, access control
+- [gotchas.md](./gotchas.md) - Security issues, limits, best practices
+
+## See Also
+- [workers](../workers/) - Worker bindings integration
+- [wrangler](../wrangler/) - CLI secret management commands