Apply Windsurf security best practices for secrets and access control. Use when securing API keys, implementing least privilege access, or auditing Windsurf security configuration. Trigger with phrases like "windsurf security", "windsurf secrets", "secure windsurf", "windsurf API key security".
5.2
Rating
0
Installs
Security
Category
This skill provides clear, actionable security practices for Windsurf including API key management, secret rotation, least privilege access, and audit logging. The structure is logical with good code examples and a practical checklist. However, the novelty score is low because these are standard security practices (environment variables, gitignore, key rotation, webhook verification) that a competent CLI agent could easily implement without a dedicated skill. The task knowledge is solid with concrete code snippets in both bash and TypeScript, and the description adequately covers when to use the skill. The main weakness is that this represents common security patterns rather than complex domain-specific knowledge that would meaningfully reduce token costs or handle tasks beyond typical agent capabilities.
jeremylongshore
Skill Author
Loading SKILL.md…
