diff --git a/docs/ja-JP/skills/quarkus-security/SKILL.md b/docs/ja-JP/skills/quarkus-security/SKILL.md
index cd19f41c..69da4a28 100644
--- a/docs/ja-JP/skills/quarkus-security/SKILL.md
+++ b/docs/ja-JP/skills/quarkus-security/SKILL.md
@@ -72,11 +72,15 @@ public class CustomAuthFilter implements ContainerRequestFilter {
 public void filter(ContainerRequestContext requestContext) {
 String authHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
- if (authHeader != null && authHeader.startsWith("Bearer ")) {
- String token = authHeader.substring(7);
- if (!validateToken(token)) {
- requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
- }
+ // ヘッダーが存在しないか不正な場合は即座に拒否
+ if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
+ return;
+ }
+
+ String token = authHeader.substring(7);
+ if (!validateToken(token)) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
 }
 }
diff --git a/docs/tr/skills/quarkus-security/SKILL.md b/docs/tr/skills/quarkus-security/SKILL.md
index 8f1296ea..161fad6c 100644
--- a/docs/tr/skills/quarkus-security/SKILL.md
+++ b/docs/tr/skills/quarkus-security/SKILL.md
@@ -73,12 +73,15 @@ public class CustomAuthFilter implements ContainerRequestFilter {
 public void filter(ContainerRequestContext requestContext) {
 String authHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
- if (authHeader != null && authHeader.startsWith("Bearer ")) {
- String token = authHeader.substring(7);
- // Token'ı doğrula ve SecurityIdentity'yi ayarla
- if (!validateToken(token)) {
- requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
- }
+ // Başlık yoksa veya hatalıysa hemen reddet
+ if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
+ return;
+ }
+
+ String token = authHeader.substring(7);
+ if (!validateToken(token)) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
 }
 }
diff --git a/docs/zh-CN/skills/quarkus-security/SKILL.md b/docs/zh-CN/skills/quarkus-security/SKILL.md
index 3e48b34b..5b2ff96a 100644
--- a/docs/zh-CN/skills/quarkus-security/SKILL.md
+++ b/docs/zh-CN/skills/quarkus-security/SKILL.md
@@ -72,11 +72,15 @@ public class CustomAuthFilter implements ContainerRequestFilter {
 public void filter(ContainerRequestContext requestContext) {
 String authHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
- if (authHeader != null && authHeader.startsWith("Bearer ")) {
- String token = authHeader.substring(7);
- if (!validateToken(token)) {
- requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
- }
+ // 头部缺失或格式错误时立即拒绝
+ if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
+ return;
+ }
+
+ String token = authHeader.substring(7);
+ if (!validateToken(token)) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
 }
 }
diff --git a/skills/quarkus-security/SKILL.md b/skills/quarkus-security/SKILL.md
index 99f91390..4a9af479 100644
--- a/skills/quarkus-security/SKILL.md
+++ b/skills/quarkus-security/SKILL.md
@@ -73,12 +73,15 @@ public class CustomAuthFilter implements ContainerRequestFilter {
 public void filter(ContainerRequestContext requestContext) {
 String authHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
- if (authHeader != null && authHeader.startsWith("Bearer ")) {
- String token = authHeader.substring(7);
- // Validate token and set SecurityIdentity
- if (!validateToken(token)) {
- requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
- }
+ // Reject immediately if header is absent or malformed
+ if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
+ return;
+ }
+
+ String token = authHeader.substring(7);
+ if (!validateToken(token)) {
+ requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
 }
 }
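Review bot: Both `abortWith` calls in the new code return a bare 401 with no `WWW-Authenticate` challenge, which HTTP (RFC 9110) requires on a 401 response; I would build it as `Response.status(Response.Status.UNAUTHORIZED).header(HttpHeaders.WWW_AUTHENTICATE, "Bearer").build()`. The prefix test `startsWith("Bearer ")` is case-sensitive while the auth scheme name is case-insensitive, so now that a non-matching header is rejected, a client sending `bearer …` gets a 401; `authHeader.regionMatches(true, 0, "Bearer ", 0, 7)` stays fail-closed without that side effect. The commit also drops the comment about setting the SecurityIdentity, which was the only hint that a valid token still has to be turned into an identity for later authorization checks; `validateToken` is outside the hunk and may do that, but a one-line comment after the check such as `// token is valid: establish the caller's identity here before the request proceeds` would keep the example from reading as complete. The same points apply to the ja-JP, tr and zh-CN copies of this hunk, and the class body starts and ends outside it.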