Does this work with my existing CI/CD pipeline?

Absolutely. The skill includes YAML configurations for GitHub Actions and other CI tools to automate policy validation and schema checks during the pull request process.

How does this skill prevent Windsurf API key leaks?

It implements specific ESLint rules and pre-commit hooks that use regex patterns to detect Windsurf secret keys (sk_live/sk_test) before they are committed to your version control system.

Can I customize the security policy checks?

Yes, the skill provides extensible templates for Open Policy Agent (OPA) and ESLint that can be tailored to your specific organizational requirements and staging environments.

What are runtime guardrails in the context of Windsurf?

Runtime guardrails are programmatic checks that prevent high-risk actions, such as bulk deletions or data resets, from executing in a production environment based on your application's environment variables.

Windsurf Policy & Guardrails

Name: Windsurf Policy & Guardrails
Author: jeremylongshore

byjeremylongshore

•

1,030

•

보안 및 테스팅

Enforces code quality, security standards, and automated guardrails for Windsurf integrations throughout the development lifecycle.

This skill provides a comprehensive framework for maintaining high standards in Windsurf-based projects by automating the enforcement of best practices. It integrates custom ESLint rules to detect hardcoded secrets, pre-commit hooks to block sensitive data leaks, and CI/CD policy checks using Open Policy Agent (OPA). By combining automated linting with runtime guardrails and Architecture Decision Records (ADR), this skill ensures that Windsurf implementations remain secure, performant, and consistent, preventing common pitfalls like accidental production key exposure or unauthorized high-risk operations.

주요 기능

01Custom ESLint rules for Windsurf best practices and secret detection

02Automated pre-commit hooks to prevent hardcoded API keys from being committed

03CI/CD pipeline integration for automated policy-as-code validation via OPA

04Runtime guardrails to block dangerous operations in production environments

05Standardized Architecture Decision Records (ADR) for Windsurf implementation choices

061,030 GitHub stars

사용 사례

01Standardizing Windsurf client initialization and error handling across large engineering teams

02Implementing automated compliance checks for Windsurf configuration schemas in CI/CD

03Preventing accidental leakage of production Windsurf API keys in public or private codebases

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills windsurf-policy-guardrails

For use in Claude.ai and ChatGPT

Download Skill

주요 기능

01Custom ESLint rules for Windsurf best practices and secret detection

02Automated pre-commit hooks to prevent hardcoded API keys from being committed

03CI/CD pipeline integration for automated policy-as-code validation via OPA

04Runtime guardrails to block dangerous operations in production environments

05Standardized Architecture Decision Records (ADR) for Windsurf implementation choices

061,030 GitHub stars

사용 사례

01Standardizing Windsurf client initialization and error handling across large engineering teams

02Implementing automated compliance checks for Windsurf configuration schemas in CI/CD

03Preventing accidental leakage of production Windsurf API keys in public or private codebases

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills windsurf-policy-guardrails

For use in Claude.ai and ChatGPT

Download Skill