What are the most common Windsurf pitfalls this skill detects?

Common pitfalls include synchronous API calls in the main request path, ignoring rate limits, leaking API keys in client-side code, and failing to validate incoming webhooks.

How does this skill help during a code review?

It automatically scans your code for specific anti-patterns like hardcoded configurations or missing error handling, providing 'Better Approach' code snippets to replace problematic implementations.

Does it cover security best practices for Windsurf?

Absolutely. It audits for sensitive API key leakage in git history, PII logging in console outputs, and unverified webhooks to ensure your integration meets enterprise security standards.

Can this skill help prevent duplicate charges or transactions?

Yes, it specifically identifies missing idempotency logic in payment or transaction paths, which is a primary cause of duplicate records during network retries.

Windsurf Pitfalls & Best Practices

Name: Windsurf Pitfalls & Best Practices
Author: Brmbobo

byBrmbobo

0•

Security & Testing

Identifies and fixes common integration anti-patterns, security vulnerabilities, and performance bottlenecks in Windsurf-based applications.

This skill provides specialized guidance for developers working with Windsurf, focusing on identifying and correcting frequent architectural mistakes, security vulnerabilities, and performance issues. It covers critical areas such as avoiding synchronous API calls in request paths, implementing robust rate limiting, securing API keys, and ensuring webhook integrity. By scanning codebases for these specific anti-patterns, it helps teams maintain high-performance, secure, and resilient integrations while onboarding new developers to the platform's best practices using proven implementation patterns.

Key Features

01Audits code for sensitive data logging and API key leakage

02Validates implementation of idempotency and webhook security signatures

03Identifies missing rate limiting and backoff strategies

04Detects synchronous API calls that cause high request latency

05Recommends circuit breaker patterns for graceful service degradation

060 GitHub stars

Use Cases

01Reviewing existing Windsurf integrations for architectural flaws and tech debt

02Onboarding new developers to Windsurf-specific coding standards

03Automating security and performance auditing during the CI/CD process

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add brmbobo/web2podcast windsurf-known-pitfalls

For use in Claude.ai and ChatGPT

Key Features

01Audits code for sensitive data logging and API key leakage

02Validates implementation of idempotency and webhook security signatures

03Identifies missing rate limiting and backoff strategies

04Detects synchronous API calls that cause high request latency

05Recommends circuit breaker patterns for graceful service degradation

060 GitHub stars

Use Cases

01Reviewing existing Windsurf integrations for architectural flaws and tech debt

02Onboarding new developers to Windsurf-specific coding standards

03Automating security and performance auditing during the CI/CD process

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add brmbobo/web2podcast windsurf-known-pitfalls

For use in Claude.ai and ChatGPT