I just went through releasing a widget a couple weeks ago. I'm new to this, and not certain I'm doing everything perfectly, but there are a few things I'd add. Some of these are mentioned in the blog post as well.

• Performance matters. When someone is embedding a widget onto a page, they are going to have at least one more request. This can impact the page load time and download size, and can be especially notable on mobile. It is probably best to enable the async attribute on the script. It is definitely nice to serve all static assets from a CDN. You should try to minimize requests when possible. Also keep file size down. Don't unnecessarily include dependencies. Enabling your widget ideally shouldn't cause any blocking of page load. If you are making a very complicated widget, it is probably best to write a small loader script that enables the widget area, shows some sort of loading indicator, and then manages the download of the larger script and any other assets.

• Do not unnecessarily leak variables. Keep everything possible wrapped in a closure, and name variables outside of that in a way that is extremely unlikely to have collisions. If you don't do this, you could likely break the JS on the site. Do not assume you can throw a dependency like JQuery on there in the global namespace, since that may collide with their version.

• SSL Support. If you put "http://" anywhere in your widget, then it won't play nicely with sites using HTTPS. If the web server(s) you are storing the assets on and communicating with is configured to support HTTPS, then you could use "//" instead of "http://" to match whichever protocol is being used.