52 lines
3.0 KiB
Markdown
52 lines
3.0 KiB
Markdown
---
|
|
name: scanning-for-data-privacy-issues
|
|
description: |
|
|
This skill enables Claude to automatically scan code and configuration files for potential data privacy vulnerabilities using the data-privacy-scanner plugin. It identifies sensitive data exposure, compliance violations, and other privacy-related risks. Use this skill when the user requests to "scan for data privacy issues", "check privacy compliance", "find PII leaks", "identify GDPR violations", or needs a "privacy audit" of their codebase. The skill is most effective when used on projects involving personal data, financial information, or health records.
|
|
allowed-tools: Read, Write, Edit, Grep, Glob, Bash
|
|
version: 1.0.0
|
|
---
|
|
|
|
## Overview
|
|
|
|
This skill automates the process of identifying data privacy risks within a codebase. By leveraging the data-privacy-scanner plugin, Claude can quickly pinpoint potential vulnerabilities, helping developers proactively address compliance requirements and protect sensitive user data.
|
|
|
|
## How It Works
|
|
|
|
1. **Initiate Scan**: Upon detecting a privacy-related trigger phrase, Claude activates the data-privacy-scanner plugin.
|
|
2. **Analyze Codebase**: The plugin analyzes the specified files or the entire project for potential data privacy violations.
|
|
3. **Report Findings**: The plugin generates a detailed report outlining identified risks, including the location of the vulnerability and a description of the potential impact.
|
|
|
|
## When to Use This Skill
|
|
|
|
This skill activates when you need to:
|
|
- Identify potential data privacy vulnerabilities in a codebase.
|
|
- Ensure compliance with data privacy regulations such as GDPR, CCPA, or HIPAA.
|
|
- Perform a privacy audit of a project involving sensitive user data.
|
|
|
|
## Examples
|
|
|
|
### Example 1: Identifying PII Leaks
|
|
|
|
User request: "Scan this project for PII leaks."
|
|
|
|
The skill will:
|
|
1. Activate the data-privacy-scanner plugin to analyze the project.
|
|
2. Generate a report highlighting potential Personally Identifiable Information (PII) leaks, such as exposed email addresses or phone numbers.
|
|
|
|
### Example 2: Checking GDPR Compliance
|
|
|
|
User request: "Check this configuration file for GDPR compliance issues."
|
|
|
|
The skill will:
|
|
1. Activate the data-privacy-scanner plugin to analyze the specified configuration file.
|
|
2. Generate a report identifying potential GDPR violations, such as insufficient data anonymization or improper consent management.
|
|
|
|
## Best Practices
|
|
|
|
- **Scope**: Specify the relevant files or directories to narrow the scope of the scan and improve performance.
|
|
- **Context**: Provide context about the type of data being processed to help the plugin identify relevant privacy risks.
|
|
- **Review**: Carefully review the generated report to understand the identified vulnerabilities and implement appropriate remediation measures.
|
|
|
|
## Integration
|
|
|
|
This skill can be integrated with other security and compliance tools to provide a comprehensive approach to data privacy. For example, it can be combined with vulnerability scanning tools to identify related security risks or with reporting tools to track progress on remediation efforts. |