vercel-policy-guardrails

Solid

Implement lint rules, CI policy checks, and automated guardrails for Vercel projects. Use when setting up code quality rules, preventing secret exposure, or enforcing deployment policies for Vercel applications. Trigger with phrases like "vercel policy", "vercel lint", "vercel guardrails", "vercel best practices check", "vercel secret scan".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Vercel Policy Guardrails ## Overview Protect against common Vercel failure modes with automated guardrails: ESLint rules preventing secret exposure in client bundles, pre-commit hooks scanning for credentials, CI checks validating vercel.json and edge runtime compatibility, and runtime middleware enforcing auth on protected routes. ## Prerequisites - ESLint configured in project - Git hooks infrastructure (husky or lefthook) - CI/CD pipeline (GitHub Actions or similar) - TypeScript for type enforcement ## Instructions ### Step 1: ESLint Rules — Prevent Secret Exposure ```javascript // .eslintrc.js — custom rules for Vercel projects module.exports = { rules: { // Prevent using NEXT_PUBLIC_ prefix for sensitive variables 'no-restricted-syntax': [ 'error', { selector: 'MemberExpression[object.property.name="env"][property.name=/^NEXT_PUBLIC_(SECRET|KEY|TOKEN|PASSWORD|PRIVATE)/]', message: 'Do not prefix secrets with NEXT_PUBLIC_ — they will be exposed in the client bundle', }, ], }, overrides: [ { // Edge runtime files — prevent Node.js API usage files: ['**/edge-*.ts', '**/middleware.ts'], rules: { 'no-restricted-imports': [ 'error', { paths: [ { name: 'fs', message: 'fs is not available in Edge Runtime. Use fetch or Vercel Blob.' }, { name: 'path', message: 'path is not available in Edge Runtime. Use URL API.' }, { na...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Vercel · Cloud GitHub · DevTools

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

vercel-known-pitfalls

Identify and avoid Vercel anti-patterns and common integration mistakes. Use when reviewing Vercel code for issues, onboarding new developers, or auditing existing Vercel deployments for best practice violations. Trigger with phrases like "vercel mistakes", "vercel anti-patterns", "vercel pitfalls", "vercel what not to do", "vercel code review".

2,266 Updated today
jeremylongshore
AI & Automation Solid

vercel-security-basics

Apply Vercel security best practices for secrets, headers, and access control. Use when securing API keys, configuring security headers, or auditing Vercel security configuration. Trigger with phrases like "vercel security", "vercel secrets", "secure vercel", "vercel headers", "vercel CSP".

2,266 Updated today
jeremylongshore
AI & Automation Featured

hubspot-policy-guardrails

Implement HubSpot lint rules, secret scanning, and CI policy checks. Use when setting up code quality rules for HubSpot integrations, preventing token leaks, or configuring CI guardrails. Trigger with phrases like "hubspot policy", "hubspot lint", "hubspot guardrails", "hubspot security check", "hubspot eslint rules".

2,266 Updated today
jeremylongshore
AI & Automation Featured

shopify-policy-guardrails

Implement Shopify app policy enforcement with ESLint rules for API key detection, query cost budgets, and App Store compliance checks. Trigger with phrases like "shopify policy", "shopify lint", "shopify guardrails", "shopify compliance", "shopify eslint", "shopify app review".

2,266 Updated today
jeremylongshore
AI & Automation Featured

canva-policy-guardrails

Implement Canva Connect API lint rules, policy enforcement, and automated guardrails. Use when setting up code quality rules for Canva integrations, implementing pre-commit hooks, or configuring CI policy checks. Trigger with phrases like "canva policy", "canva lint", "canva guardrails", "canva best practices check", "canva eslint".

2,266 Updated today
jeremylongshore