OpenSkillIndex← back to search
claude-codesecurity

Claude-code-plugins-plus-skills speak-security-basics

install
source · Clone the upstream repo
git clone https://github.com/jeremylongshore/claude-code-plugins-plus-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/jeremylongshore/claude-code-plugins-plus-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/saas-packs/speak-pack/skills/speak-security-basics" ~/.claude/skills/jeremylongshore-claude-code-plugins-plus-skills-speak-security-basics && rm -rf "$T"
manifest: plugins/saas-packs/speak-pack/skills/speak-security-basics/SKILL.md
tags
#security-compliance#api-security#data-privacy#coppa-ferpa#speak-integration
source content

Speak Security Basics

Overview

Security best practices for Speak API keys, audio data privacy, student data protection, and COPPA/FERPA compliance.

Prerequisites

  • Completed 
    speak-install-auth
    setup
  • Valid API credentials configured
  • ffmpeg installed for audio processing

Instructions

API Key Security

# Never commit API keys
echo '.env' >> .gitignore
echo '.env.local' >> .gitignore

# Use secrets manager in production
export SPEAK_API_KEY="$(aws secretsmanager get-secret-value --secret-id speak/api-key --query SecretString --output text)"

Audio Data Privacy

// Speak processes audio on their servers — do NOT store student audio locally
// unless required by your application
class PrivacyAwareClient {
  async assessAndClean(audioPath: string, targetText: string, language: string) {
    try {
      const result = await this.client.assessPronunciation({
        audioPath, targetText, language,
      });
      return result;
    } finally {
      // Delete local audio file after assessment
      fs.unlinkSync(audioPath);
    }
  }
}

Student Data Protection

  • Never log student audio recordings
  • Redact student names from API logs
  • Store assessment scores, not raw audio
  • Implement data retention policies (delete after N days)
  • COPPA compliance for students under 13: parental consent required
  • FERPA compliance for educational institutions: student data agreements

Security Checklist

  • API keys in secrets manager, not code
  • Audio files deleted after processing
  • Student PII not logged
  • HTTPS enforced for all API calls
  • Rate limiting prevents abuse
  • Access logs maintained for audit

Output

  • Basics implementation complete
  • Speak API integration verified
  • Production-ready patterns applied

Error Handling

ErrorCauseSolution
401 UnauthorizedInvalid API keyVerify SPEAK_API_KEY environment variable
429 Rate LimitedToo many requestsWait Retry-After seconds, use backoff
Audio format errorWrong codec/sample rateConvert to WAV 16kHz mono with ffmpeg
Session expiredTimeout after 30 minStart a new conversation session

Resources

Next Steps

See 

speak-prod-checklist
for production readiness.

Examples

Basic: Apply security basics with default configuration for a standard Speak integration.

Advanced: Customize for production with error recovery, monitoring, and team-specific requirements.