lokalise-security-basics

Featured

Apply Lokalise security best practices for API tokens and access control. Use when securing API tokens, implementing least privilege access, or auditing Lokalise security configuration. Trigger with phrases like "lokalise security", "lokalise secrets", "secure lokalise", "lokalise API token security".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Lokalise Security Basics ## Overview Security practices for Lokalise integrations: API token management with scoped permissions, translation content sanitization, CI/CD secret handling, webhook secret verification, and audit logging. Lokalise handles translation strings that may contain user-facing content, interpolation variables, and occasionally PII embedded in keys or values. ## Prerequisites - Lokalise API token provisioned (admin token for audit, scoped tokens for operations) - Understanding of Lokalise token permission model (read-only vs read-write) - Secret management infrastructure (GitHub Secrets, AWS Secrets Manager, GCP Secret Manager, or Vault) ## Instructions ### Step 1: Token Scope Management Lokalise API tokens are either read-only or read-write. Create separate tokens per use case to enforce least privilege. ```typescript import { LokaliseApi } from "@lokalise/node-api"; // Token strategy: separate tokens per context const TOKENS = { // CI download pipeline — read-only token ciDownload: process.env.LOKALISE_READ_TOKEN, // CI upload pipeline — read-write token ciUpload: process.env.LOKALISE_WRITE_TOKEN, // Admin operations (contributor management, webhooks) — admin token admin: process.env.LOKALISE_ADMIN_TOKEN, } as const; function getClient(scope: keyof typeof TOKENS): LokaliseApi { const token = TOKENS[scope]; if (!token) { throw new Error( `LOKALISE_${scope.toUpperCase()}_TOKEN not set. ` + `Generate at https://app...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Google Cloud · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

lokalise-install-auth

Install and configure Lokalise SDK/CLI authentication. Use when setting up a new Lokalise integration, configuring API tokens, or initializing Lokalise in your project. Trigger with phrases like "install lokalise", "setup lokalise", "lokalise auth", "configure lokalise API token".

2,266 Updated today
jeremylongshore
AI & Automation Featured

lokalise-data-handling

Implement Lokalise translation data handling, PII management, and compliance patterns. Use when handling sensitive translation data, implementing data redaction, or ensuring compliance with privacy regulations for Lokalise integrations. Trigger with phrases like "lokalise data", "lokalise PII", "lokalise GDPR", "lokalise data retention", "lokalise privacy", "lokalise compliance".

2,266 Updated today
jeremylongshore
AI & Automation Featured

lokalise-enterprise-rbac

Configure Lokalise enterprise SSO, role-based access control, and team management. Use when implementing SSO integration, configuring role-based permissions, or setting up organization-level controls for Lokalise. Trigger with phrases like "lokalise SSO", "lokalise RBAC", "lokalise enterprise", "lokalise roles", "lokalise permissions", "lokalise team".

2,266 Updated today
jeremylongshore
AI & Automation Featured

lokalise-observability

Set up comprehensive observability for Lokalise integrations with metrics, traces, and alerts. Use when implementing monitoring for Lokalise operations, setting up dashboards, or configuring alerting for Lokalise integration health. Trigger with phrases like "lokalise monitoring", "lokalise metrics", "lokalise observability", "monitor lokalise", "lokalise alerts", "lokalise tracing".

2,266 Updated today
jeremylongshore
AI & Automation Featured

lokalise-hello-world

Create a minimal working Lokalise example. Use when starting a new Lokalise integration, testing your setup, or learning basic Lokalise API patterns. Trigger with phrases like "lokalise hello world", "lokalise example", "lokalise quick start", "simple lokalise code".

2,266 Updated today
jeremylongshore