gdpr-dsgvo-expert
tessl i github:alirezarezvani/claude-skills --skill gdpr-dsgvo-expertSenior GDPR/DSGVO expert and internal/external auditor for data protection compliance. Provides EU GDPR and German DSGVO expertise, privacy impact assessments, data protection auditing, and compliance verification. Use for GDPR compliance assessments, privacy audits, data protection planning, and regulatory compliance verification.
Validation
75%| Criteria | Description | Result |
|---|---|---|
description_trigger_hint | Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...') | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
license_field | 'license' field is missing | Warning |
body_output_format | No obvious output/return/format terms detected; consider specifying expected outputs | Warning |
Total | 12 / 16 Passed | |
Implementation
20%This skill reads like a comprehensive GDPR textbook rather than actionable guidance for Claude. It extensively documents compliance frameworks and organizational structures that Claude already understands, while failing to provide concrete, executable tools or specific decision criteria. The referenced scripts and templates could be valuable, but without actual code or specific implementation details, the skill offers little beyond what Claude could generate from general GDPR knowledge.
Suggestions
Replace abstract framework diagrams with executable Python code for the referenced scripts (gdpr-compliance-checker.py, dpia-automation.py) or specific command examples
Move the detailed compliance frameworks to reference files and keep SKILL.md as a concise overview with clear entry points for specific tasks
Add concrete examples with specific inputs and expected outputs (e.g., 'Given this data processing scenario, here is the DPIA assessment output')
Include specific validation criteria and checklists that Claude can actually execute, rather than abstract process descriptions
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Extremely verbose with extensive structural diagrams and frameworks that explain concepts Claude already knows (GDPR articles, basic compliance concepts). The content is heavily padded with organizational hierarchies and generic compliance terminology that adds little actionable value. | 1 / 3 |
Actionability | Despite listing scripts like 'gdpr-compliance-checker.py', no actual executable code or concrete commands are provided. The content describes frameworks and processes abstractly (e.g., 'Conduct systematic GDPR compliance audits') without specific implementation details or copy-paste ready guidance. | 1 / 3 |
Workflow Clarity | Some numbered steps exist (DPIA process, audit methodology) with decision points mentioned, but validation checkpoints are vague ('Determine DPIA necessity') and lack concrete verification criteria. No feedback loops for error recovery in complex compliance processes. | 2 / 3 |
Progressive Disclosure | References to external files (references/, scripts/, assets/) are present and organized, but the main content is a monolithic wall of text with extensive inline frameworks that should be in separate reference files. The overview itself is too detailed rather than being a concise entry point. | 2 / 3 |
Total | 6 / 12 Passed |
Activation
90%This is a solid skill description with strong trigger terms and completeness. It clearly identifies its regulatory niche (EU GDPR/German DSGVO) and includes an explicit 'Use for' clause. The main weakness is that the specific capabilities could be more concrete - listing actual deliverables or actions rather than general consulting categories.
Suggestions
Replace generic terms like 'data protection auditing' with specific actions such as 'review data processing agreements', 'assess lawful basis for processing', 'evaluate cross-border transfer mechanisms', or 'generate Article 30 records of processing activities'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (GDPR/DSGVO compliance) and lists some actions like 'privacy impact assessments', 'data protection auditing', and 'compliance verification', but these are somewhat generic consulting terms rather than concrete specific actions like 'review data processing agreements' or 'generate Article 30 records'. | 2 / 3 |
Completeness | Clearly answers both what ('Provides EU GDPR and German DSGVO expertise, privacy impact assessments, data protection auditing, and compliance verification') and when ('Use for GDPR compliance assessments, privacy audits, data protection planning, and regulatory compliance verification') with explicit trigger guidance. | 3 / 3 |
Trigger Term Quality | Good coverage of natural terms users would say: 'GDPR', 'DSGVO', 'privacy impact assessments', 'data protection', 'compliance', 'privacy audits', 'regulatory compliance'. These are terms users working in EU data protection would naturally use. | 3 / 3 |
Distinctiveness Conflict Risk | Clear niche focused specifically on EU GDPR and German DSGVO data protection law. The combination of specific regulatory frameworks (GDPR, DSGVO) and specialized activities (privacy impact assessments, auditing) creates a distinct profile unlikely to conflict with general legal or compliance skills. | 3 / 3 |
Total | 11 / 12 Passed |
Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.