CtrlK
BlogDocsLog inGet started
Tessl Logo

clay-data-handling

Implement GDPR/CCPA-compliant data handling for Clay enrichment pipelines. Use when handling PII from enrichments, implementing data retention policies, or ensuring regulatory compliance for Clay-enriched lead data. Trigger with phrases like "clay data", "clay PII", "clay GDPR", "clay data retention", "clay privacy", "clay CCPA", "clay compliance".

64

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is highly actionable — six concrete, executable TypeScript implementations for data classification, validation, dedup, retention, export, and data-subject-rights — with a clear step sequence and a useful error-handling table. Its weaknesses are verbosity from inlining full implementations that duplicate the unbundled reference files, missing explicit validation feedback loops for destructive/batch operations, and a failure to surface the existing reference files (which are orphaned) while pointing to a non-existent skill.

Suggestions

Replace the inlined full implementations with concise overviews and link the existing references/implementation.md and references/implementation-guide.md so the bundle files are discoverable; remove or fix the dangling `clay-enterprise-rbac` Next Steps pointer.

Add explicit validation checkpoints and feedback loops to the workflow, e.g. 'if Zod validation fails, fix invalid rows and re-validate; only proceed to enrichment when all rows are valid', and gate the destructive Step 6 deletion behind a dry-run/confirm step before the actual DELETE.

Tighten the body by trimming the six full code blocks to the essential signatures and one representative example each, moving complete implementations to the reference files to improve token efficiency.

DimensionReasoningScore

Conciseness

The body is code-dense with no padding about concepts Claude already knows (no 'what is GDPR' prose), but it inlines six full TypeScript implementations across ~240 lines where a lean overview would offload detail to the bundled reference files, so it could be tightened. It is not level 1 because there is no unnecessary concept explanation, and not level 3 because the volume of inlined full implementations exceeds a lean, every-token-earns-its-place overview.

2 / 3

Actionability

Each step provides complete, executable TypeScript with real imports (zod, crypto), concrete schemas, and copy-paste-ready functions, matching the level-3 anchor. It is not level 2 because the code is concrete and executable rather than pseudocode or abstract description; minor unimported globals (db, crypto) are not enough to drop it.

3 / 3

Workflow Clarity

Six numbered steps give a clear sequence and Step 2/3 include validation/dedup, but there are no explicit feedback-loop checkpoints ('if validation fails, fix and re-validate; only proceed when valid') and the destructive deletion in Step 6 (a raw DELETE) lacks a dry-run/verification checkpoint, which per the rubric caps workflow clarity at 2 for batch/destructive operations. It is not level 1 because steps are clearly sequenced with some validation, and not level 3 because checkpoints and error-recovery loops are implicit rather than explicit.

2 / 3

Progressive Disclosure

The body is organized into sections, but full implementations that belong in references are inlined in SKILL.md while the actual bundle files (references/implementation.md, references/implementation-guide.md) are never linked or signaled, and the only 'Next Steps' pointer (`clay-enterprise-rbac`) does not exist as a file — matching 'content that should be separate is inline' and 'references present but not clearly signaled'. It is not level 1 because sections are organized rather than a monolithic/nested mess, and not level 3 because there are no well-signaled one-level-deep references to the real bundle files.

2 / 3

Total

9

/

12

Passed

Description

90%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is strong: it explicitly covers what the skill does and when to use it, with a broad set of natural trigger phrases and a clear, distinctive niche. Its only weakness is that the named actions are somewhat abstract governance activities rather than crisp concrete technical operations, capping specificity at 2.

DimensionReasoningScore

Specificity

The description names a clear domain ('GDPR/CCPA-compliant data handling for Clay enrichment pipelines') and lists several actions ('handling PII from enrichments', 'implementing data retention policies', 'ensuring regulatory compliance'), but these are abstract governance activities rather than the multiple concrete technical operations the level-3 anchor calls for ('Extract text..., fill forms, merge documents'). It is not level 1 because the domain and actions are explicitly named, and not level 3 because the actions are umbrella/abstract rather than crisp concrete operations.

2 / 3

Completeness

It clearly answers both 'what' ('Implement GDPR/CCPA-compliant data handling for Clay enrichment pipelines') and 'when' with an explicit 'Use when handling PII from enrichments, implementing data retention policies, or ensuring regulatory compliance...' clause plus triggers, matching the level-3 anchor. It is not level 2 because the 'when' is explicit, not merely implied.

3 / 3

Trigger Term Quality

It provides an explicit, broad set of natural trigger phrases a user would plausibly say — 'clay data', 'clay PII', 'clay GDPR', 'clay data retention', 'clay privacy', 'clay CCPA', 'clay compliance' — giving good coverage of natural terms, matching the level-3 anchor. It is not level 2 because coverage is wide and explicitly enumerated rather than partial.

3 / 3

Distinctiveness Conflict Risk

The Clay-enrichment + GDPR/CCPA niche with 'clay'-prefixed trigger phrases is clearly distinguishable from other skills and unlikely to trigger for the wrong skill, matching the level-3 anchor. It is not level 2 because the niche and triggers are specific and non-overlapping with generic skills.

3 / 3

Total

11

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

14

/

16

Passed

Repository
jeremylongshore/claude-code-plugins-plus-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.