Windsurf数据合规设置

v20260311

windsurf-data-handling

指导团队屏蔽 Windsurf/Codeium 对敏感文件的索引、隐藏环境变量、配置保留策略并关闭遥测，确保个人数据不被 AI 使用。

Windsurf 数据隐私合规个人信息遥测安全 AI配置

获取技能

52 次下载

概览

Windsurf Data Handling

Overview

Control what code and data Windsurf (Codeium) Cascade AI can access in your workspace. Covers file exclusion patterns, sensitive content filtering, telemetry management, and workspace privacy configuration.

Prerequisites

Windsurf IDE installed
Understanding of Codeium data processing
Repository with sensitive files identified
Team agreement on AI data boundaries

Instructions

Step 1: Exclude Sensitive Files from AI Indexing

// .windsurf/settings.json - Privacy configuration
{
  "codeium.indexing.excludePatterns": [
    "**/.env*",
    "**/credentials*",
    "**/secrets/**",
    "**/*.pem",
    "**/*.key",
    "**/*.p12",
    "**/serviceAccountKey*",
    "**/.aws/**",
    "**/.gcloud/**",
    "**/terraform.tfstate*",
    "**/*.tfvars",
    "**/vault-config*"
  ],
  "codeium.indexing.maxFileSize": 524288,  # 524288 = configured value
  "codeium.enableTelemetry": false
}

Step 2: Create Workspace Ignore File

# .codeiumignore - Files Codeium/Windsurf will never process
# Similar to .gitignore syntax

# Secrets and credentials
.env
.env.*
credentials.json
serviceAccountKey.json
*.pem
*.key
*.p12

# Customer data
data/customers/**
exports/**
backups/**

# Sensitive configuration
config/production.json
config/secrets.yaml

# Large binary files (waste of indexing)
*.zip
*.tar.gz
*.sqlite
*.db

Step 3: Environment Variable Safety

// Prevent secrets from appearing in Cascade suggestions
// .windsurf/patterns.md

/**
 * IMPORTANT: Environment Variable Patterns
 *
 * When Cascade suggests code with environment variables:
 * - Always use process.env.VARIABLE_NAME, never hardcode values
 * - For local development, use .env files (which are excluded from AI)
 * - Never paste actual secret values into Cascade chat
 *
 * Safe pattern:
 * ```
 * const apiKey = process.env.API_KEY!;
 * ```
 *
 * Unsafe pattern (never do this):
 * ```
 * const apiKey = "sk-abc123..."; // NEVER
 * ```
 */

Step 4: Telemetry and Data Controls

// .windsurf/settings.json - Telemetry controls
{
  "codeium.enableTelemetry": false,
  "codeium.enableSnippetTelemetry": false,
  "telemetry.telemetryLevel": "off",

  "codeium.autocomplete": {
    "enable": true,
    "languages": {
      "plaintext": false,
      "markdown": false,
      "json": false,
      "yaml": false,
      "env": false
    }
  }
}

Error Handling

Issue	Cause	Solution
Secret in AI suggestion	Secret was in indexed file	Add to `.codeiumignore`
Large file slowing AI	Binary indexed	Add file extension to exclude patterns
Telemetry sending data	Not disabled	Set `enableTelemetry: false`
AI suggests hardcoded key	No workspace rules	Add patterns about env vars to rules file

Examples

Quick Privacy Audit

# Check what files Windsurf would index
find . -type f \
  -not -path '*/node_modules/*' \
  -not -path '*/.git/*' \
  -name '*.env*' -o -name '*.key' -o -name '*.pem' \
  | head -20
# All found files should be in .codeiumignore

Resources

Output

Configuration files or code changes applied to the project
Validation report confirming correct implementation
Summary of changes made and their rationale

信息

Category 编程开发

Name windsurf-data-handling

版本 v20260311

大小 3.95KB

Source jeremylongshore/claude-code-plugins-plus-skills

更新时间 2026-03-12