Claude
Skills
Sign in
Back

adobe-data-handling

Included with Lifetime
$97 forever

Implement data handling for Adobe APIs including PII redaction in logs, Firefly content policy compliance, PDF document data classification, and GDPR/CCPA data subject access requests via Adobe Privacy Service. Trigger with phrases like "adobe data", "adobe PII", "adobe GDPR", "adobe data retention", "adobe privacy", "adobe content policy".

Writing & Docssaasdesignadobe

What this skill does

# Adobe Data Handling

## Overview

Handle sensitive data correctly when integrating with Adobe APIs. Key concerns include Firefly content policy compliance, PII in PDF extraction results, credential redaction in logs, and GDPR/CCPA compliance using Adobe Privacy Service API.

## Prerequisites

- Understanding of your data classification requirements
- Adobe SDK with appropriate API access
- Database for audit logging
- Familiarity with GDPR/CCPA obligations

## Instructions

### Step 1: Data Classification for Adobe API Data

| Category | Examples | Handling |
|----------|----------|----------|
| **Credentials** | `client_secret`, access tokens | Never log; rotate regularly |
| **User Content** | Uploaded images, PDFs | Encrypt at rest; delete per retention policy |
| **Generated Content** | Firefly outputs, processed PDFs | Time-limited URLs (24h); cache intentionally |
| **Extraction Results** | PDF text, tables, structured data | May contain PII; scan and redact |
| **API Metadata** | Job IDs, request IDs, timestamps | Safe to log; useful for debugging |

### Step 2: PII Detection in PDF Extraction Results

PDF Extract API returns raw text that may contain customer PII:

```typescript
// src/adobe/pii-scanner.ts
const PII_PATTERNS = [
  { type: 'email', regex: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g },
  { type: 'phone', regex: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g },
  { type: 'ssn', regex: /\b\d{3}-\d{2}-\d{4}\b/g },
  { type: 'credit_card', regex: /\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b/g },
];

interface PiiFinding {
  type: string;
  count: number;
  // Never store the actual PII value
}

export function scanForPii(text: string): PiiFinding[] {
  return PII_PATTERNS
    .map(pattern => {
      const matches = text.matchAll(pattern.regex);
      const count = [...matches].length;
      return count > 0 ? { type: pattern.type, count } : null;
    })
    .filter(Boolean) as PiiFinding[];
}

export function redactPii(text: string): string {
  let redacted = text;
  for (const pattern of PII_PATTERNS) {
    redacted = redacted.replace(pattern.regex, `[REDACTED-${pattern.type.toUpperCase()}]`);
  }
  return redacted;
}

// Usage after PDF extraction
const extracted = await extractPdfContent('customer-form.pdf');
const piiFindings = scanForPii(extracted.text);

if (piiFindings.length > 0) {
  console.warn('PII detected in extraction:', piiFindings);
  // Store redacted version, or encrypt at rest
  const safeText = redactPii(extracted.text);
}
```

### Step 3: Firefly Content Policy Compliance

Firefly API has built-in content guardrails. Handle policy rejections gracefully:

```typescript
// src/adobe/content-policy.ts

// Pre-screen prompts before sending to Firefly
const BLOCKED_PATTERNS = [
  /\b(person|celebrity|actor|politician)\b/i,
  /\b(nike|apple|google|disney|marvel)\b/i, // Trademarks
  /\b(nude|explicit|violent|gore)\b/i,
];

export function validatePrompt(prompt: string): { valid: boolean; reason?: string } {
  for (const pattern of BLOCKED_PATTERNS) {
    if (pattern.test(prompt)) {
      return {
        valid: false,
        reason: `Prompt may violate Firefly content policy: matches "${pattern.source}"`,
      };
    }
  }
  return { valid: true };
}

// Handle Firefly content policy rejection
export function handleContentPolicyError(error: any): string {
  if (error.status === 400 && error.message?.includes('content policy')) {
    return 'Prompt rejected by Adobe Firefly content policy. ' +
      'Remove references to real people, trademarks, or explicit content.';
  }
  throw error;
}
```

### Step 4: Credential Redaction in Logs

```typescript
// src/adobe/safe-logger.ts
import pino from 'pino';

const logger = pino({
  name: 'adobe',
  redact: {
    paths: [
      'clientSecret',
      'client_secret',
      'access_token',
      'accessToken',
      'req.headers.authorization',
      'req.headers["x-api-key"]',
    ],
    censor: '[REDACTED]',
  },
});

// Safe request logging — only log metadata, never credentials
export function logAdobeRequest(entry: {
  api: string;
  operation: string;
  durationMs: number;
  httpStatus: number;
  jobId?: string;
  requestId?: string;  // From x-request-id response header
}) {
  logger.info(entry, `adobe.${entry.api}.${entry.operation}`);
}
```

### Step 5: GDPR/CCPA — Adobe Privacy Service API

Adobe provides a Privacy Service API for data subject access and deletion requests:

```typescript
// GDPR Data Subject Access Request
export async function submitPrivacyRequest(
  userId: string,
  requestType: 'access' | 'delete'
): Promise<{ jobId: string }> {
  const token = await getAccessToken();

  const response = await fetch(
    'https://platform.adobe.io/data/core/privacy/jobs',
    {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${token}`,
        'x-api-key': process.env.ADOBE_CLIENT_ID!,
        'x-gw-ims-org-id': process.env.ADOBE_IMS_ORG_ID!,
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        companyContexts: [{
          namespace: 'imsOrgID',
          value: process.env.ADOBE_IMS_ORG_ID,
        }],
        users: [{
          key: userId,
          action: [requestType],
          userIDs: [{
            namespace: 'email',
            value: userId,
            type: 'standard',
          }],
        }],
        regulation: 'gdpr', // or 'ccpa'
      }),
    }
  );

  const result = await response.json();
  return { jobId: result.jobId };
}
```

### Data Retention Policy

| Data Type | Retention | Reason |
|-----------|-----------|--------|
| Firefly generated images | URLs expire 24h; cache intentionally | Adobe auto-expires |
| PDF extraction results | 30 days | Debugging |
| API access tokens | 24 hours (auto-expire) | Adobe IMS TTL |
| Error logs with request IDs | 90 days | Root cause analysis |
| Audit logs (who accessed what) | 7 years | Compliance |

## Output

- PII detection and redaction for PDF extraction results
- Firefly prompt pre-screening for content policy
- Credential redaction in all logs
- GDPR/CCPA data subject request support via Privacy Service API
- Data retention policy aligned with Adobe's auto-expiration

## Error Handling

| Issue | Cause | Solution |
|-------|-------|----------|
| PII in extraction output | Raw PDF content | Apply redactPii() before storage |
| Firefly prompt rejected | Content policy | Pre-screen with validatePrompt() |
| Credentials in logs | Missing redaction | Configure pino redact paths |
| Privacy request failed | Missing org ID | Set `ADOBE_IMS_ORG_ID` env var |

## Resources

- [Adobe Privacy Service API](https://developer.adobe.com/experience-platform-apis/references/privacy-service/)
- [Firefly Content Policy](https://developer.adobe.com/firefly-services/docs/firefly-api/)
- GDPR Developer Guide

## Next Steps

For enterprise access control, see `adobe-enterprise-rbac`.
Files: 1
Size: 7.3 KB
Complexity: 18/100
Category: Writing & Docs
Source: https://github.com/jeremylongshore/claude-code-plugins-plus-skills/tree/main/plugins/saas-packs/adobe-pack/skills/adobe-data-handling

Related in Writing & Docs

jax-development

Included

Use this skill when the user is writing, debugging, profiling, refactoring, reviewing, benchmarking, parallelising, exporting, or explaining JAX code, or when they mention JAX, jax.numpy, jit, grad, value_and_grad, vmap, scan, lax, random keys, pytrees, jax.Array, sharding, Mesh, PartitionSpec, NamedSharding, pmap, shard_map, Pallas, XLA, StableHLO, checkify, profiler, or the JAX repo. It helps turn NumPy or PyTorch-style code into pure functional JAX, fix tracer/control-flow/shape/PRNG bugs, remove recompiles and host-device syncs, choose transforms and sharding strategies, inspect jaxpr/lowering/IR, and benchmark compiled code correctly.

Writing & Docsscripts

nature-article-writer

Included

Drafts, rewrites, diagnostically critiques, and style-calibrates primary research manuscripts for Nature and Nature Portfolio journals. Use when the user wants a Nature-style title, summary paragraph or abstract, introduction, results, discussion, methods, figure legends, presubmission enquiry, cover letter, reviewer response, or when a scientific draft sounds generic, jargon-heavy, structurally weak, or AI-ish and needs precise, broad-reader-friendly prose without inventing data, analyses, or references. Best for primary research articles and letters rather than reviews or press releases unless explicitly adapting one.

Writing & Docsscripts

deckrd

Included

Document-driven framework that derives requirements, specifications, implementation plans, and executable tasks from goals through structured AI dialogue. Use when user says "write requirements", "create spec", "plan implementation", "derive tasks", "structure this feature", "break down into tasks", or "document this module". Also use for reverse engineering existing code into docs (/deckrd rev). Do NOT use for direct code writing — use /deckrd-coder after tasks are generated. Do NOT use when the user only wants to run or fix existing code without planning.

Writing & Docsscripts

clinical-decision-support

Included

Generate professional clinical decision support (CDS) documents for pharmaceutical and clinical research settings, including patient cohort analyses (biomarker-stratified with outcomes) and treatment recommendation reports (evidence-based guidelines with decision algorithms). Supports GRADE evidence grading, statistical analysis (hazard ratios, survival curves, waterfall plots), biomarker integration, and regulatory compliance. Outputs publication-ready LaTeX/PDF format optimized for drug development, clinical research, and evidence synthesis.

Writing & Docsscripts

handling-sf-data

Included

Salesforce data operations with 130-point scoring. Use this skill to create, update, delete, bulk import/export, generate test data, and clean up org records using sf CLI and anonymous Apex. TRIGGER when: user creates test data, performs bulk import/export, uses sf data CLI commands, needs data factory patterns for Apex tests, or needs to seed/clean records in a Salesforce org. DO NOT TRIGGER when: SOQL query writing only (use querying-soql), Apex test execution (use running-apex-tests), or metadata deployment (use deploying-metadata).

Writing & Docsscripts

accelint-ac-to-playwright

Included

Convert and validate acceptance criteria for Playwright test automation. Use when user asks to (1) review/evaluate/check if AC are ready for automation, (2) assess if AC can be converted as-is, (3) validate AC quality for Playwright, (4) turn AC into tests, (5) generate tests from acceptance criteria, (6) convert .md bullets or .feature Gherkin files to Playwright specs, (7) create test automation from requirements. Handles both bullet-style markdown and Gherkin syntax with JSON test plan generation and validation.

Writing & Docsscripts
Sign up & unlock — $97