Apply Windsurf security best practices for secrets and access control.
Use when securing API keys, implementing least privilege access,
or auditing Windsurf security configuration.
Trigger with phrases like "windsurf security", "windsurf secrets",
"secure windsurf", "windsurf API key security".
Security best practices for Windsurf AI IDE: controlling what code Cascade can see, preventing secrets from leaking into AI context, managing telemetry, and configuring workspace isolation for regulated environments.
Prerequisites
Windsurf installed
Understanding of Codeium's data processing model
Repository with identified sensitive files
Instructions
Step 1: Exclude Secrets from AI Indexing
Create .codeiumignore at project root (gitignore syntax):
# .codeiumignore — files Codeium/Windsurf will NEVER index or read
# Secrets and credentials
.env
.env.*
.env.local
credentials.json
serviceAccountKey.json
*.pem
*.key
*.p12
*.pfx
# Cloud provider configs
.aws/
.gcloud/
.azure/
# Infrastructure secrets
terraform.tfstate
terraform.tfstate.backup
*.tfvars
vault-config.*
# Customer data
data/customers/
exports/
backups/
*.sql.gz
<!-- .windsurfrules - security section -->
## Security Requirements
- Never suggest hardcoded secrets, API keys, or passwords in code
- Always use environment variables via process.env for secrets
- Never log PII (email, phone, SSN, credit card numbers)
- Use parameterized queries for all database operations
- Never suggest wildcard CORS origins in production code
- All user input must be validated before processing
- Use constant-time comparison for secret/token validation
Step 5: Audit AI Workspace Access
#!/bin/bash
set -euo pipefail
echo "=== Windsurf Security Audit ==="
# Check if .codeiumignore exists
if [ ! -f .codeiumignore ]; then
echo "WARNING: No .codeiumignore — AI can index all non-gitignored files"
fi
# Check for secrets that AI could index
echo "--- Potentially exposed secret files ---"
find . -type f \
-not -path '*/node_modules/*' \
-not -path '*/.git/*' \
\( -name '*.env*' -o -name '*.key' -o -name '*.pem' \
-o -name 'credentials*' -o -name '*secret*' \
-o -name '*.tfvars' -o -name 'serviceAccount*' \) \
2>/dev/null | head -20
# Check if found files are in .codeiumignore
echo "--- Verify all above files are excluded ---"
Step 6: Windsurf Data Processing Model
# What Windsurf/Codeium processes:
data_processing:
indexed_locally:
- File contents for Supercomplete context
- Codebase structure for Cascade awareness
stored: "Local machine only (not sent to cloud for indexing)"
sent_to_cloud:
- Cascade prompts (for AI model inference)
- Code snippets around cursor (for Supercomplete)
stored: "Zero-data retention for paid plans"
never_processed:
- Files in .codeiumignore
- Files in .gitignore (by default)
- Files in node_modules/
compliance:
- SOC 2 Type II certified
- FedRAMP High accredited
- HIPAA BAA available (Enterprise)
- Zero-data retention on paid plans
Security Checklist
.codeiumignore exists with secret file patterns
.env files excluded from AI indexing
.windsurfrules includes security coding standards
Telemetry disabled (if required by policy)
Autocomplete disabled for secret-containing file types
No competing AI extensions installed (data exposure risk)
Team members trained on "never paste secrets into Cascade chat"
Enterprise: SSO configured, personal accounts blocked