adobe-data-handling
Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".
Best use case
adobe-data-handling is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".
Teams using adobe-data-handling should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/adobe-data-handling/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How adobe-data-handling Compares
| Feature / Agent | adobe-data-handling | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Adobe Data Handling
## Overview
Handle sensitive data correctly when integrating with Adobe APIs. Key concerns include Firefly content policy compliance, PII in PDF extraction results, credential redaction in logs, and GDPR/CCPA compliance using Adobe Privacy Service API.
## Prerequisites
- Understanding of your data classification requirements
- Adobe SDK with appropriate API access
- Database for audit logging
- Familiarity with GDPR/CCPA obligations
## Instructions
### Step 1: Data Classification for Adobe API Data
| Category | Examples | Handling |
|----------|----------|----------|
| **Credentials** | `client_secret`, access tokens | Never log; rotate regularly |
| **User Content** | Uploaded images, PDFs | Encrypt at rest; delete per retention policy |
| **Generated Content** | Firefly outputs, processed PDFs | Time-limited URLs (24h); cache intentionally |
| **Extraction Results** | PDF text, tables, structured data | May contain PII; scan and redact |
| **API Metadata** | Job IDs, request IDs, timestamps | Safe to log; useful for debugging |
### Step 2: PII Detection in PDF Extraction Results
PDF Extract API returns raw text that may contain customer PII:
```typescript
// src/adobe/pii-scanner.ts
const PII_PATTERNS = [
{ type: 'email', regex: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g },
{ type: 'phone', regex: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g },
{ type: 'ssn', regex: /\b\d{3}-\d{2}-\d{4}\b/g },
{ type: 'credit_card', regex: /\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b/g },
];
interface PiiFinding {
type: string;
count: number;
// Never store the actual PII value
}
export function scanForPii(text: string): PiiFinding[] {
return PII_PATTERNS
.map(pattern => {
const matches = text.matchAll(pattern.regex);
const count = [...matches].length;
return count > 0 ? { type: pattern.type, count } : null;
})
.filter(Boolean) as PiiFinding[];
}
export function redactPii(text: string): string {
let redacted = text;
for (const pattern of PII_PATTERNS) {
redacted = redacted.replace(pattern.regex, `[REDACTED-${pattern.type.toUpperCase()}]`);
}
return redacted;
}
// Usage after PDF extraction
const extracted = await extractPdfContent('customer-form.pdf');
const piiFindings = scanForPii(extracted.text);
if (piiFindings.length > 0) {
console.warn('PII detected in extraction:', piiFindings);
// Store redacted version, or encrypt at rest
const safeText = redactPii(extracted.text);
}
```
### Step 3: Firefly Content Policy Compliance
Firefly API has built-in content guardrails. Handle policy rejections gracefully:
```typescript
// src/adobe/content-policy.ts
// Pre-screen prompts before sending to Firefly
const BLOCKED_PATTERNS = [
/\b(person|celebrity|actor|politician)\b/i,
/\b(nike|apple|google|disney|marvel)\b/i, // Trademarks
/\b(nude|explicit|violent|gore)\b/i,
];
export function validatePrompt(prompt: string): { valid: boolean; reason?: string } {
for (const pattern of BLOCKED_PATTERNS) {
if (pattern.test(prompt)) {
return {
valid: false,
reason: `Prompt may violate Firefly content policy: matches "${pattern.source}"`,
};
}
}
return { valid: true };
}
// Handle Firefly content policy rejection
export function handleContentPolicyError(error: any): string {
if (error.status === 400 && error.message?.includes('content policy')) {
return 'Prompt rejected by Adobe Firefly content policy. ' +
'Remove references to real people, trademarks, or explicit content.';
}
throw error;
}
```
### Step 4: Credential Redaction in Logs
```typescript
// src/adobe/safe-logger.ts
import pino from 'pino';
const logger = pino({
name: 'adobe',
redact: {
paths: [
'clientSecret',
'client_secret',
'access_token',
'accessToken',
'req.headers.authorization',
'req.headers["x-api-key"]',
],
censor: '[REDACTED]',
},
});
// Safe request logging — only log metadata, never credentials
export function logAdobeRequest(entry: {
api: string;
operation: string;
durationMs: number;
httpStatus: number;
jobId?: string;
requestId?: string; // From x-request-id response header
}) {
logger.info(entry, `adobe.${entry.api}.${entry.operation}`);
}
```
### Step 5: GDPR/CCPA — Adobe Privacy Service API
Adobe provides a Privacy Service API for data subject access and deletion requests:
```typescript
// GDPR Data Subject Access Request
export async function submitPrivacyRequest(
userId: string,
requestType: 'access' | 'delete'
): Promise<{ jobId: string }> {
const token = await getAccessToken();
const response = await fetch(
'https://platform.adobe.io/data/core/privacy/jobs',
{
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'x-api-key': process.env.ADOBE_CLIENT_ID!,
'x-gw-ims-org-id': process.env.ADOBE_IMS_ORG_ID!,
'Content-Type': 'application/json',
},
body: JSON.stringify({
companyContexts: [{
namespace: 'imsOrgID',
value: process.env.ADOBE_IMS_ORG_ID,
}],
users: [{
key: userId,
action: [requestType],
userIDs: [{
namespace: 'email',
value: userId,
type: 'standard',
}],
}],
regulation: 'gdpr', // or 'ccpa'
}),
}
);
const result = await response.json();
return { jobId: result.jobId };
}
```
### Data Retention Policy
| Data Type | Retention | Reason |
|-----------|-----------|--------|
| Firefly generated images | URLs expire 24h; cache intentionally | Adobe auto-expires |
| PDF extraction results | 30 days | Debugging |
| API access tokens | 24 hours (auto-expire) | Adobe IMS TTL |
| Error logs with request IDs | 90 days | Root cause analysis |
| Audit logs (who accessed what) | 7 years | Compliance |
## Output
- PII detection and redaction for PDF extraction results
- Firefly prompt pre-screening for content policy
- Credential redaction in all logs
- GDPR/CCPA data subject request support via Privacy Service API
- Data retention policy aligned with Adobe's auto-expiration
## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| PII in extraction output | Raw PDF content | Apply redactPii() before storage |
| Firefly prompt rejected | Content policy | Pre-screen with validatePrompt() |
| Credentials in logs | Missing redaction | Configure pino redact paths |
| Privacy request failed | Missing org ID | Set `ADOBE_IMS_ORG_ID` env var |
## Resources
- [Adobe Privacy Service API](https://developer.adobe.com/experience-platform-apis/references/privacy-service/)
- [Firefly Content Policy](https://developer.adobe.com/firefly-services/docs/firefly-api/)
- [GDPR Developer Guide](https://gdpr.eu/developers/)
## Next Steps
For enterprise access control, see `adobe-enterprise-rbac`.Related Skills
College Football Data (CFB)
Before writing queries, consult `references/api-reference.md` for endpoints, conference IDs, team IDs, and data shapes.
College Basketball Data (CBB)
Before writing queries, consult `references/api-reference.md` for endpoints, conference IDs, team IDs, and data shapes.
validating-database-integrity
Process use when you need to ensure database integrity through comprehensive data validation. This skill validates data types, ranges, formats, referential integrity, and business rules. Trigger with phrases like "validate database data", "implement data validation rules", "enforce data integrity constraints", or "validate data formats".
forecasting-time-series-data
This skill enables Claude to forecast future values based on historical time series data. It analyzes time-dependent data to identify trends, seasonality, and other patterns. Use this skill when the user asks to predict future values of a time series, analyze trends in data over time, or requires insights into time-dependent data. Trigger terms include "forecast," "predict," "time series analysis," "future values," and requests involving temporal data.
generating-test-data
This skill enables Claude to generate realistic test data for software development. It uses the test-data-generator plugin to create users, products, orders, and custom schemas for comprehensive testing. Use this skill when you need to populate databases, simulate user behavior, or create fixtures for automated tests. Trigger phrases include "generate test data", "create fake users", "populate database", "generate product data", "create test orders", or "generate data based on schema". This skill is especially useful for populating testing environments or creating sample data for demonstrations.
test-data-builder
Test Data Builder - Auto-activating skill for Test Automation. Triggers on: test data builder, test data builder Part of the Test Automation skill category.
splitting-datasets
Process split datasets into training, validation, and testing sets for ML model development. Use when requesting "split dataset", "train-test split", or "data partitioning". Trigger with relevant phrases based on skill purpose.
scanning-database-security
Process use when you need to work with security and compliance. This skill provides security scanning and vulnerability detection with comprehensive guidance and automation. Trigger with phrases like "scan for vulnerabilities", "implement security controls", or "audit security".
preprocessing-data-with-automated-pipelines
Process automate data cleaning, transformation, and validation for ML tasks. Use when requesting "preprocess data", "clean data", "ETL pipeline", or "data transformation". Trigger with relevant phrases based on skill purpose.
optimizing-database-connection-pooling
Process use when you need to work with connection management. This skill provides connection pooling and management with comprehensive guidance and automation. Trigger with phrases like "manage connections", "configure pooling", or "optimize connection usage".
modeling-nosql-data
This skill enables Claude to design NoSQL data models. It activates when the user requests assistance with NoSQL database design, including schema creation, data modeling for MongoDB or DynamoDB, or defining document structures. Use this skill when the user mentions "NoSQL data model", "design MongoDB schema", "create DynamoDB table", or similar phrases related to NoSQL database architecture. It assists in understanding NoSQL modeling principles like embedding vs. referencing, access pattern optimization, and sharding key selection.
monitoring-database-transactions
Monitor use when you need to work with monitoring and observability. This skill provides health monitoring and alerting with comprehensive guidance and automation. Trigger with phrases like "monitor system health", "set up alerts", or "track metrics".