customerio-security-basics

Featured

Apply Customer.io security best practices. Use when implementing secure credential storage, PII handling, webhook signature verification, or GDPR/CCPA compliance. Trigger: "customer.io security", "customer.io pii", "secure customer.io", "customer.io gdpr", "customer.io webhook verify".

AI & Automation 2,359 stars 334 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Customer.io Security Basics ## Overview Implement security best practices for Customer.io: secrets management for API credentials, PII sanitization before sending data, webhook signature verification (HMAC-SHA256), API key rotation, and GDPR/CCPA data deletion compliance. ## Prerequisites - Customer.io account with admin access - Understanding of your data classification (what is PII) - Secrets management system (recommended for production) ## Instructions ### Step 1: Secure Credential Storage ```typescript // lib/customerio-secrets.ts // NEVER hardcode credentials — use environment variables or a secrets manager // Option A: Environment variables (acceptable for most apps) const siteId = process.env.CUSTOMERIO_SITE_ID; const trackKey = process.env.CUSTOMERIO_TRACK_API_KEY; // Option B: GCP Secret Manager (recommended for production) import { SecretManagerServiceClient } from "@google-cloud/secret-manager"; const secretClient = new SecretManagerServiceClient(); async function getSecret(name: string): Promise<string> { const [version] = await secretClient.accessSecretVersion({ name: `projects/my-project/secrets/${name}/versions/latest`, }); return version.payload?.data?.toString() ?? ""; } async function createCioClient() { const [siteId, trackKey] = await Promise.all([ getSecret("customerio-site-id"), getSecret("customerio-track-api-key"), ]); return new TrackClient(siteId, trackKey, { region: RegionUS }); } ``` ### Step 2: PII Sanitiza...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
8 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Google Cloud · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

apollo-security-basics

Apply Apollo.io API security best practices. Use when securing Apollo integrations, managing API keys, or implementing secure data handling. Trigger with phrases like "apollo security", "secure apollo api", "apollo api key security", "apollo data protection".

2,359 Updated today
jeremylongshore
AI & Automation Featured

klaviyo-security-basics

Apply Klaviyo security best practices for API key management and access control. Use when securing API keys, configuring OAuth scopes, implementing webhook signature verification, or auditing Klaviyo security configuration. Trigger with phrases like "klaviyo security", "klaviyo secrets", "secure klaviyo", "klaviyo API key security", "klaviyo OAuth".

2,359 Updated today
jeremylongshore
AI & Automation Featured

customerio-install-auth

Install and configure Customer.io SDK/CLI authentication. Use when setting up a new Customer.io integration, configuring API keys, or initializing Customer.io in your project. Trigger: "install customer.io", "setup customer.io", "customer.io auth", "configure customer.io API key", "customer.io credentials".

2,359 Updated today
jeremylongshore