Skill

api-rate-limiting

Implements API rate limiting using token bucket, sliding window, Redis algorithms, and Express middleware. Use for securing public APIs, tiered access, and DoS protection.

JavaScript

npx claudepluginhub secondsky/claude-skills --plugin api-rate-limiting

Popularity

Parent stars

149

Parent forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/api-rate-limiting:api-rate-limiting

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Protect APIs from abuse using rate limiting algorithms with per-user and per-endpoint strategies.

SKILL.md

88 lines · ~497 tokens

Similar Skills

Rate Limiting

Controls request throughput with token bucket, sliding window, and fixed window algorithms to protect APIs from abuse, enforce usage quotas, and prevent service overload using Redis.

1 file

harness-claude

rate-limiting-apis

2.2k

Implements API rate limiting with sliding windows, token buckets, quotas using Redis and libraries for Node.js, Python/FastAPI, Java. Protects endpoints from excessive requests with headers and 429 responses.

3 files6 tools

api-rate-limiter

ratelimit

Guides rate limiting implementation using token bucket, sliding window counters, Redis Lua scripts, tiered quotas, middleware, headers, and monitoring to protect APIs from abuse and manage quotas.

godmode

Stats

LanguageTypeScript

Parent stars149

Parent forks23

MaintenanceGood

Last CommitApr 2, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

API Rate Limiting

Protect APIs from abuse using rate limiting algorithms with per-user and per-endpoint strategies.

Algorithms

Algorithm

Pros

Cons

Token Bucket

Handles bursts, smooth

Memory per user

Sliding Window

Accurate

Memory intensive

Fixed Window

Simple

Boundary spikes

Token Bucket (Node.js)

class TokenBucket { constructor(capacity, refillRate) { this.capacity = capacity; this.tokens = capacity; this.refillRate = refillRate; // tokens per second this.lastRefill = Date.now(); } consume() { this.refill(); if (this.tokens >= 1) { this.tokens--; return true; } return false; } refill() { const now = Date.now(); const elapsed = (now - this.lastRefill) / 1000; this.tokens = Math.min(this.capacity, this.tokens + elapsed * this.refillRate); this.lastRefill = now; } }

Express Middleware

const rateLimit = require('express-rate-limit'); const limiter = rateLimit({ windowMs: 15 * 60 * 1000, // 15 minutes max: 100, standardHeaders: true, message: { error: 'Too many requests, try again later' } }); app.use('/api/', limiter);

Response Headers

X-RateLimit-Limit: 100 X-RateLimit-Remaining: 45 X-RateLimit-Reset: 1705320000 Retry-After: 60

Tiered Limits

Tier

Requests/Hour

Free

100

Pro

1,000

Enterprise

10,000

Best Practices

Use Redis for distributed rate limiting

Include proper headers in responses

Return 429 status with Retry-After

Implement tiered limits for different plans

Monitor rate limit metrics

Test under load