coderabbit-data-handling

Implement CodeRabbit PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for CodeRabbit integrations. Trigger with phrases like "coderabbit data", "coderabbit PII", "coderabbit GDPR", "coderabbit data retention", "coderabbit privacy", "coderabbit CCPA".

Quality

82%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Advisory

Suggest reviewing before use

Quality

Content

64%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill provides highly actionable, copy-paste ready CodeRabbit YAML configurations for data handling and security patterns. Its main weaknesses are the lack of validation/verification steps (how to confirm the configuration works as expected) and some unnecessary padding in prerequisites and output sections. The content could be tightened and would benefit from a verification workflow.

Suggestions

Add a validation step showing how to verify the configuration is working (e.g., test with a PR containing a known pattern and confirm it's flagged or excluded)

Remove the 'Prerequisites' section (mostly vague filler) and the 'Output' section (restates what was already covered) to improve conciseness

Consider extracting the detailed path_instructions for db/api/auth into a separate reference file to improve progressive disclosure

Dimension	Reasoning	Score
Conciseness	The skill includes some unnecessary sections like 'Prerequisites' (understanding of sensitive file patterns, secret scanning tools awareness are vague filler), the 'Output' section restates what was already covered, and some comments in YAML are redundant. However, the core content is mostly configuration examples without excessive explanation.	2 / 3
Actionability	The skill provides fully copy-paste ready YAML configurations with specific glob patterns, concrete secret detection instructions, and real-world patterns (AKIA for AWS keys, specific hashing algorithms). Every step has executable configuration that can be directly placed in .coderabbit.yaml.	3 / 3
Workflow Clarity	Steps are clearly sequenced and logically ordered (exclude files → detect secrets → manage scope → detect patterns), and the error handling table is useful. However, there are no validation checkpoints — no way to verify the configuration is working correctly, no feedback loop for testing that secrets are actually being caught or files excluded.	2 / 3
Progressive Disclosure	The content is reasonably well-structured with clear sections, but it's somewhat monolithic — the detailed path_instructions for db/api/auth could be split into a separate reference file. The 'Next Steps' reference to 'coderabbit-security-basics' is good but there are no bundle files to support progressive disclosure. Resources section provides external links.	2 / 3
	Total	9 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong skill description that clearly defines its scope around CodeRabbit-specific privacy and compliance patterns. It provides concrete actions, explicit trigger guidance with both a 'Use when' clause and enumerated trigger phrases, and is highly distinctive due to the CodeRabbit product scoping. The description is concise, uses third person voice, and covers all necessary dimensions well.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: PII handling, data redaction, configuring retention policies, and implementing GDPR/CCPA compliance patterns for CodeRabbit integrations.	3 / 3
Completeness	Clearly answers both 'what' (implement PII handling, data retention, GDPR/CCPA compliance patterns) and 'when' (explicit 'Use when' clause with specific scenarios plus a 'Trigger with phrases' section).	3 / 3
Trigger Term Quality	Includes a comprehensive set of natural trigger terms users would say: 'coderabbit data', 'coderabbit PII', 'coderabbit GDPR', 'coderabbit data retention', 'coderabbit privacy', 'coderabbit CCPA'. Also includes broader terms like 'sensitive data', 'data redaction', 'privacy regulations'.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive due to the specific CodeRabbit product scope combined with the privacy/compliance domain. The trigger terms are all prefixed with 'coderabbit', making conflicts with generic data handling or other compliance skills very unlikely.	3 / 3
	Total	12 / 12 Passed

Validation

81%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 9 / 11 Passed

Validation for skill structure

Criteria	Description	Result
allowed_tools_field	'allowed-tools' contains unusual tool name(s)	Warning
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	9 / 11 Passed

Repository: jeremylongshore/claude-code-plugins-plus-skills
Commit: 02d6341

Reviewed: about 20 hours ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.