cohere-security-basics

Featured

Apply Cohere security best practices for API key management and access control. Use when securing API keys, implementing key rotation, or auditing Cohere security configuration. Trigger with phrases like "cohere security", "cohere secrets", "secure cohere", "cohere API key security", "cohere key rotation".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Cohere Security Basics ## Overview Security best practices for Cohere API keys, request validation, and data protection. Cohere uses bearer token auth with trial and production key tiers. ## Prerequisites - Cohere account at [dashboard.cohere.com](https://dashboard.cohere.com) - Understanding of environment variables - Secret management solution for production ## Instructions ### Step 1: API Key Management ```bash # NEVER hardcode keys — use environment variables export CO_API_KEY="your-key-here" # .env file (MUST be git-ignored) CO_API_KEY=your-key-here # .gitignore (mandatory entries) .env .env.local .env.*.local ``` **Key types:** - **Trial keys** — free, rate-limited, for development only - **Production keys** — metered billing, for live applications ### Step 2: Runtime Validation ```typescript import { CohereClientV2 } from 'cohere-ai'; function createSecureClient(): CohereClientV2 { const apiKey = process.env.CO_API_KEY; if (!apiKey) { throw new Error('CO_API_KEY is required. Set it as an environment variable.'); } // Basic key format check if (apiKey.length < 20) { throw new Error('CO_API_KEY appears malformed. Check dashboard.cohere.com.'); } return new CohereClientV2({ token: apiKey }); } ``` ### Step 3: Key Rotation Procedure ```bash # 1. Generate new key in Cohere dashboard # → dashboard.cohere.com → API Keys → Create new key # 2. Deploy new key (keep old key active) # Vercel: vercel env add CO_API_KEY production # AWS: ...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Cohere · AI Vercel · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

cohere-enterprise-rbac

Configure Cohere enterprise API key management, role-based access, and org controls. Use when implementing multi-team API key management, per-team usage limits, or setting up organization-level controls for Cohere. Trigger with phrases like "cohere enterprise", "cohere RBAC", "cohere team keys", "cohere org management", "cohere access control".

2,266 Updated today
jeremylongshore
AI & Automation Featured

cohere-install-auth

Install and configure Cohere SDK authentication with API v2. Use when setting up a new Cohere integration, configuring API keys, or initializing the CohereClientV2 in your project. Trigger with phrases like "install cohere", "setup cohere", "cohere auth", "configure cohere API key".

2,266 Updated today
jeremylongshore
AI & Automation Featured

groq-security-basics

Apply Groq security best practices for API key management and data protection. Use when securing API keys, implementing least privilege access, or auditing Groq security configuration. Trigger with phrases like "groq security", "groq secrets", "secure groq", "groq API key security".

2,266 Updated today
jeremylongshore
AI & Automation Featured

ideogram-security-basics

Apply Ideogram security best practices for API key management and access control. Use when securing API keys, implementing key rotation, or auditing Ideogram security configuration. Trigger with phrases like "ideogram security", "ideogram secrets", "secure ideogram", "ideogram API key security", "ideogram key rotation".

2,266 Updated today
jeremylongshore
AI & Automation Featured

klaviyo-security-basics

Apply Klaviyo security best practices for API key management and access control. Use when securing API keys, configuring OAuth scopes, implementing webhook signature verification, or auditing Klaviyo security configuration. Trigger with phrases like "klaviyo security", "klaviyo secrets", "secure klaviyo", "klaviyo API key security", "klaviyo OAuth".

2,266 Updated today
jeremylongshore