Implement CodeRabbit PII handling, data retention, and GDPR/CCPA compliance patterns. Use when handling sensitive data, implementing data redaction, configuring retention policies, or ensuring compliance with privacy regulations for CodeRabbit integrations. Trigger with phrases like "coderabbit data", "coderabbit PII", "coderabbit GDPR", "coderabbit data retention", "coderabbit privacy", "coderabbit CCPA".
84
82%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its scope around CodeRabbit privacy and compliance patterns. It provides concrete actions, explicit trigger guidance with both a 'Use when' clause and enumerated trigger phrases, and occupies a very distinct niche. The description is well-structured and concise without unnecessary fluff.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Lists multiple specific concrete actions: PII handling, data redaction, configuring retention policies, and implementing GDPR/CCPA compliance patterns for CodeRabbit integrations. | 3 / 3 |
| Completeness | Clearly answers both 'what' (implement PII handling, data retention, GDPR/CCPA compliance patterns) and 'when' (explicit 'Use when' clause with specific scenarios plus a 'Trigger with phrases' section). | 3 / 3 |
| Trigger Term Quality | Includes a comprehensive set of natural trigger terms users would say: 'coderabbit data', 'coderabbit PII', 'coderabbit GDPR', 'coderabbit data retention', 'coderabbit privacy', 'coderabbit CCPA', plus broader terms like 'sensitive data', 'data redaction', 'retention policies', 'privacy regulations'. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive due to the specific CodeRabbit + privacy/compliance niche. The combination of a specific product (CodeRabbit) with a specific domain (PII/GDPR/CCPA compliance) makes it very unlikely to conflict with other skills. | 3 / 3 |
| Total | 12 / 12 Passed | |
Implementation
64%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill provides solid, actionable YAML configurations for CodeRabbit data handling with good concrete examples and patterns. However, it lacks validation/verification steps for confirming configurations work correctly, includes some redundancy between steps, and the description promises GDPR/CCPA compliance coverage that the content doesn't deliver. The content would benefit from trimming redundancy and adding a verification workflow.
Suggestions
Add a validation step to verify path_filters are working (e.g., test with a PR touching an excluded file and confirm it's not reviewed)
Remove redundant path_filters between Step 1 and Step 3, or consolidate into a single comprehensive configuration
Either add actual GDPR/CCPA compliance content (data retention policies, deletion requests, DPA configuration) or remove those claims from the skill description
Remove the 'Prerequisites' section — items like 'understanding of sensitive file patterns' and 'secret scanning tools awareness' are vague and don't add value
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The skill includes some unnecessary sections like 'Prerequisites' (understanding of sensitive file patterns, secret scanning tools awareness are vague filler) and the 'Output' section which just restates what was already covered. The YAML examples themselves are well-structured but there's redundancy between Step 1 and Step 3 path_filters, and the description title mentions GDPR/CCPA compliance but the content doesn't actually address those regulations at all. | 2 / 3 |
| Actionability | The skill provides fully executable YAML configurations that can be directly copied into .coderabbit.yaml files. Each step has concrete, specific patterns and instructions with real-world examples like AWS key patterns (AKIA...) and specific file glob patterns. | 3 / 3 |
| Workflow Clarity | The steps are clearly sequenced and logically ordered (exclude files → detect secrets → manage scope → detect patterns), but there are no validation checkpoints. There's no step to verify the configuration works, no way to test that path_filters are correctly excluding files, and no feedback loop for when secrets slip through despite configuration. | 2 / 3 |
| Progressive Disclosure | The content is reasonably organized with clear sections, but it's somewhat monolithic — the detailed YAML configurations for Steps 1-4 could be split into separate reference files. The 'Next Steps' reference to 'coderabbit-security-basics' is good, but there are no bundle files to support progressive disclosure. The error handling table is a nice touch but inline. | 2 / 3 |
| Total | 9 / 12 Passed | |
Validation
81%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 9 / 11 Passed | |
3a2d27d