How does this skill improve system resilience?

It provides implementation patterns for circuit breakers and graceful degradation, ensuring your application remains functional even if external services experience downtime.

Can I use this for security audits?

Yes, it specifically looks for PII logging, API key exposure in Git history, and unverified webhooks to help secure your integration.

Does this skill support automated code scanning?

Yes, it uses tools like Grep to scan the repository for specific patterns and triggers on phrases like 'windsurf code review' or 'windsurf pitfalls'.

What are common Windsurf anti-patterns?

Common anti-patterns include making synchronous API calls during user requests, hardcoding API keys, ignoring rate limits, and failing to verify webhook signatures.

Why is idempotency highlighted in this skill?

Idempotency is critical in API integrations to prevent duplicate actions, such as double-charging a user, in the event of a network retry.

Windsurf Integration Guardrails

Name: Windsurf Integration Guardrails
Author: jeremylongshore

byjeremylongshore

•

983

•

API Development

Protects Windsurf integrations by identifying common anti-patterns, security vulnerabilities, and performance bottlenecks in your codebase.

The windsurf-known-pitfalls skill acts as a specialized auditor for developers working with Windsurf integrations. It systematically scans code for ten critical anti-patterns, ranging from synchronous API calls that cause latency to dangerous security practices like API key leakage and unverified webhooks. By providing side-by-side 'Anti-Pattern' vs. 'Better Approach' examples, it helps teams implement resilient patterns such as circuit breakers, idempotency keys, and graceful degradation, ensuring high-quality, production-ready Windsurf implementations.

Key Features

01Audits error handling for missing rate limit and retry logic

02Detects synchronous API calls that cause request-path latency

03Suggests implementation patterns for idempotency and circuit breakers

04Scans for PII logging and hardcoded configuration values

05Identifies security risks like API key leakage and unverified webhooks

06983 GitHub stars

Use Cases

01Performing security and performance audits on existing SaaS integrations

02Onboarding developers to ensure they follow Windsurf integration best practices

03Automating code reviews to catch common architectural mistakes before deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills windsurf-known-pitfalls

For use in Claude.ai and ChatGPT

Download Skill

Key Features

01Audits error handling for missing rate limit and retry logic

02Detects synchronous API calls that cause request-path latency

03Suggests implementation patterns for idempotency and circuit breakers

04Scans for PII logging and hardcoded configuration values

05Identifies security risks like API key leakage and unverified webhooks

06983 GitHub stars

Use Cases

01Performing security and performance audits on existing SaaS integrations

02Onboarding developers to ensure they follow Windsurf integration best practices

03Automating code reviews to catch common architectural mistakes before deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills windsurf-known-pitfalls

For use in Claude.ai and ChatGPT

Download Skill