adobe-data-handling
Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".
Best use case
adobe-data-handling is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".
Teams using adobe-data-handling should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/adobe-data-handling/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How adobe-data-handling Compares
| Feature / Agent | adobe-data-handling | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
SKILL.md Source
# Adobe Data Handling
## Overview
Handle sensitive data correctly when integrating with Adobe APIs. Key concerns include Firefly content policy compliance, PII in PDF extraction results, credential redaction in logs, and GDPR/CCPA compliance using Adobe Privacy Service API.
## Prerequisites
- Understanding of your data classification requirements
- Adobe SDK with appropriate API access
- Database for audit logging
- Familiarity with GDPR/CCPA obligations
## Instructions
### Step 1: Data Classification for Adobe API Data
| Category | Examples | Handling |
|----------|----------|----------|
| **Credentials** | `client_secret`, access tokens | Never log; rotate regularly |
| **User Content** | Uploaded images, PDFs | Encrypt at rest; delete per retention policy |
| **Generated Content** | Firefly outputs, processed PDFs | Time-limited URLs (24h); cache intentionally |
| **Extraction Results** | PDF text, tables, structured data | May contain PII; scan and redact |
| **API Metadata** | Job IDs, request IDs, timestamps | Safe to log; useful for debugging |
### Step 2: PII Detection in PDF Extraction Results
PDF Extract API returns raw text that may contain customer PII:
```typescript
// src/adobe/pii-scanner.ts
const PII_PATTERNS = [
{ type: 'email', regex: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g },
{ type: 'phone', regex: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g },
{ type: 'ssn', regex: /\b\d{3}-\d{2}-\d{4}\b/g },
{ type: 'credit_card', regex: /\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b/g },
];
interface PiiFinding {
type: string;
count: number;
// Never store the actual PII value
}
export function scanForPii(text: string): PiiFinding[] {
return PII_PATTERNS
.map(pattern => {
const matches = text.matchAll(pattern.regex);
const count = [...matches].length;
return count > 0 ? { type: pattern.type, count } : null;
})
.filter(Boolean) as PiiFinding[];
}
export function redactPii(text: string): string {
let redacted = text;
for (const pattern of PII_PATTERNS) {
redacted = redacted.replace(pattern.regex, `[REDACTED-${pattern.type.toUpperCase()}]`);
}
return redacted;
}
// Usage after PDF extraction
const extracted = await extractPdfContent('customer-form.pdf');
const piiFindings = scanForPii(extracted.text);
if (piiFindings.length > 0) {
console.warn('PII detected in extraction:', piiFindings);
// Store redacted version, or encrypt at rest
const safeText = redactPii(extracted.text);
}
```
### Step 3: Firefly Content Policy Compliance
Firefly API has built-in content guardrails. Handle policy rejections gracefully:
```typescript
// src/adobe/content-policy.ts
// Pre-screen prompts before sending to Firefly
const BLOCKED_PATTERNS = [
/\b(person|celebrity|actor|politician)\b/i,
/\b(nike|apple|google|disney|marvel)\b/i, // Trademarks
/\b(nude|explicit|violent|gore)\b/i,
];
export function validatePrompt(prompt: string): { valid: boolean; reason?: string } {
for (const pattern of BLOCKED_PATTERNS) {
if (pattern.test(prompt)) {
return {
valid: false,
reason: `Prompt may violate Firefly content policy: matches "${pattern.source}"`,
};
}
}
return { valid: true };
}
// Handle Firefly content policy rejection
export function handleContentPolicyError(error: any): string {
if (error.status === 400 && error.message?.includes('content policy')) {
return 'Prompt rejected by Adobe Firefly content policy. ' +
'Remove references to real people, trademarks, or explicit content.';
}
throw error;
}
```
### Step 4: Credential Redaction in Logs
```typescript
// src/adobe/safe-logger.ts
import pino from 'pino';
const logger = pino({
name: 'adobe',
redact: {
paths: [
'clientSecret',
'client_secret',
'access_token',
'accessToken',
'req.headers.authorization',
'req.headers["x-api-key"]',
],
censor: '[REDACTED]',
},
});
// Safe request logging — only log metadata, never credentials
export function logAdobeRequest(entry: {
api: string;
operation: string;
durationMs: number;
httpStatus: number;
jobId?: string;
requestId?: string; // From x-request-id response header
}) {
logger.info(entry, `adobe.${entry.api}.${entry.operation}`);
}
```
### Step 5: GDPR/CCPA — Adobe Privacy Service API
Adobe provides a Privacy Service API for data subject access and deletion requests:
```typescript
// GDPR Data Subject Access Request
export async function submitPrivacyRequest(
userId: string,
requestType: 'access' | 'delete'
): Promise<{ jobId: string }> {
const token = await getAccessToken();
const response = await fetch(
'https://platform.adobe.io/data/core/privacy/jobs',
{
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'x-api-key': process.env.ADOBE_CLIENT_ID!,
'x-gw-ims-org-id': process.env.ADOBE_IMS_ORG_ID!,
'Content-Type': 'application/json',
},
body: JSON.stringify({
companyContexts: [{
namespace: 'imsOrgID',
value: process.env.ADOBE_IMS_ORG_ID,
}],
users: [{
key: userId,
action: [requestType],
userIDs: [{
namespace: 'email',
value: userId,
type: 'standard',
}],
}],
regulation: 'gdpr', // or 'ccpa'
}),
}
);
const result = await response.json();
return { jobId: result.jobId };
}
```
### Data Retention Policy
| Data Type | Retention | Reason |
|-----------|-----------|--------|
| Firefly generated images | URLs expire 24h; cache intentionally | Adobe auto-expires |
| PDF extraction results | 30 days | Debugging |
| API access tokens | 24 hours (auto-expire) | Adobe IMS TTL |
| Error logs with request IDs | 90 days | Root cause analysis |
| Audit logs (who accessed what) | 7 years | Compliance |
## Output
- PII detection and redaction for PDF extraction results
- Firefly prompt pre-screening for content policy
- Credential redaction in all logs
- GDPR/CCPA data subject request support via Privacy Service API
- Data retention policy aligned with Adobe's auto-expiration
## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| PII in extraction output | Raw PDF content | Apply redactPii() before storage |
| Firefly prompt rejected | Content policy | Pre-screen with validatePrompt() |
| Credentials in logs | Missing redaction | Configure pino redact paths |
| Privacy request failed | Missing org ID | Set `ADOBE_IMS_ORG_ID` env var |
## Resources
- [Adobe Privacy Service API](https://developer.adobe.com/experience-platform-apis/references/privacy-service/)
- [Firefly Content Policy](https://developer.adobe.com/firefly-services/docs/firefly-api/)
- [GDPR Developer Guide](https://gdpr.eu/developers/)
## Next Steps
For enterprise access control, see `adobe-enterprise-rbac`.Related Skills
generating-test-data
Generate realistic test data including edge cases and boundary conditions. Use when creating realistic fixtures or edge case test data. Trigger with phrases like "generate test data", "create fixtures", or "setup test database".
managing-database-tests
Test database testing including fixtures, transactions, and rollback management. Use when performing specialized testing. Trigger with phrases like "test the database", "run database tests", or "validate data integrity".
encrypting-and-decrypting-data
Validate encryption implementations and cryptographic practices. Use when reviewing data security measures. Trigger with 'check encryption', 'validate crypto', or 'review security keys'.
scanning-for-data-privacy-issues
Scan for data privacy issues and sensitive information exposure. Use when reviewing data handling practices. Trigger with 'scan privacy issues', 'check sensitive data', or 'validate data protection'.
windsurf-data-handling
Control what code and data Windsurf AI can access and process in your workspace. Use when handling sensitive data, implementing data exclusion patterns, or ensuring compliance with privacy regulations in Windsurf environments. Trigger with phrases like "windsurf data privacy", "windsurf PII", "windsurf GDPR", "windsurf compliance", "codeium data", "windsurf telemetry".
webflow-data-handling
Implement Webflow data handling — CMS content delivery patterns, PII redaction in form submissions, GDPR/CCPA compliance for ecommerce data, and data retention policies. Trigger with phrases like "webflow data", "webflow PII", "webflow GDPR", "webflow data retention", "webflow privacy", "webflow CCPA", "webflow forms data".
vercel-data-handling
Implement data handling, PII protection, and GDPR/CCPA compliance for Vercel deployments. Use when handling sensitive data in serverless functions, implementing data redaction, or ensuring privacy compliance on Vercel. Trigger with phrases like "vercel data", "vercel PII", "vercel GDPR", "vercel data retention", "vercel privacy", "vercel compliance".
veeva-data-handling
Veeva Vault data handling for enterprise operations. Use when implementing advanced Veeva Vault patterns. Trigger: "veeva data handling".
vastai-data-handling
Manage training data and model artifacts securely on Vast.ai GPU instances. Use when transferring data to instances, managing checkpoints, or implementing secure data lifecycle on rented hardware. Trigger with phrases like "vastai data", "vastai upload data", "vastai checkpoints", "vastai data security", "vastai artifacts".
twinmind-data-handling
Handle TwinMind meeting data with GDPR compliance: transcript storage, memory vault management, data export, and deletion policies. Use when implementing data handling, or managing TwinMind meeting AI operations. Trigger with phrases like "twinmind data handling", "twinmind data handling".
supabase-data-handling
Implement GDPR/CCPA compliance with Supabase: RLS for data isolation, user deletion via auth.admin.deleteUser(), data export via SQL, PII column management, backup/restore workflows, and retention policies. Use when handling sensitive data, implementing right-to-deletion, configuring data retention, or auditing PII in Supabase database columns. Trigger: "supabase GDPR", "supabase data handling", "supabase PII", "supabase compliance", "supabase data retention", "supabase delete user", "supabase data export".
speak-data-handling
Handle student audio data, assessment records, and learning progress with GDPR/COPPA compliance. Use when implementing data handling, or managing Speak language learning platform operations. Trigger with phrases like "speak data handling", "speak data handling".