Thank you for your interest in contributing to this open-source privacy and data protection skills database. This guide explains how to submit new skills, improve existing ones, and maintain quality standards.
You do not need to be a developer to contribute. DPOs, privacy lawyers, GRC analysts, and compliance professionals are the domain experts this project needs most.
Option 1: GitHub Issue Templates
- Request a new skill — describe the privacy workflow and regulatory basis
- Suggest improvements — flag inaccuracies or missing coverage
Option 2: Plain Language Description Open a GitHub Issue with the title "[Skill Suggestion] Your Skill Name" and describe:
- What privacy task this skill should help AI agents perform
- Which regulation(s) it relates to (article/section numbers if known)
- The step-by-step workflow a privacy professional would follow
- Any enforcement precedents or regulatory guidance
Maintainers will convert your description into the agentskills.io format. You will be credited as a contributor.
git clone https://github.com/<your-username>/Privacy-Data-Protection-Skills.git
cd Privacy-Data-Protection-Skillsgit checkout -b feat/your-skill-nameBranch naming convention:
feat/skill-namefor new skillsfix/skill-namefor corrections to existing skillsdocs/topicfor documentation changes
Each skill lives in its own directory under skills/privacy/:
skills/privacy/your-skill-name/
SKILL.md
references/
standards.md
workflows.md
scripts/
process.py
assets/
template.md
git add skills/privacy/your-skill-name/
git commit -m "feat: add your-skill-name skill"
git push origin feat/your-skill-nameOpen a pull request against the main branch with a clear description of the skill and its regulatory basis.
Every SKILL.md must begin with YAML frontmatter following the agentskills.io open standard:
---
name: your-skill-name
description: >-
A clear, specific description of what this skill does, when to activate it,
and which regulatory provisions it covers. Include relevant keywords for
discovery. Maximum 1024 characters.
license: Apache-2.0
metadata:
author: your-github-username
version: "1.0"
domain: privacy
subdomain: one-of-twenty-subdomains
tags: "comma, separated, relevant, tags"
---| Field | Requirement |
|---|---|
name |
Lowercase with hyphens, must match parent directory name, max 64 characters |
description |
Max 1024 characters, must include activation keywords |
license |
Must be Apache-2.0 |
metadata.domain |
Must be privacy |
metadata.subdomain |
Must be one of the 20 defined subdomains |
| Subdomain | Description |
|---|---|
gdpr-compliance |
EU General Data Protection Regulation |
data-subject-rights |
Individual rights under privacy laws |
consent-management |
Consent collection, storage, and lifecycle |
privacy-impact-assessment |
DPIAs, PIAs, and risk assessments |
data-breach-response |
Breach detection, notification, and remediation |
cross-border-transfers |
International data transfer mechanisms |
privacy-by-design |
Privacy engineering and architecture |
data-classification |
Data discovery, inventory, and classification |
records-of-processing |
RoPA and processing activity documentation |
cookie-consent-compliance |
Cookie banners, tracking, and ePrivacy |
ai-privacy-governance |
AI/ML privacy, DPIA for AI, AI Act |
employee-data-privacy |
Workplace monitoring and HR data |
children-data-protection |
COPPA, Age-Appropriate Design Code |
data-retention-deletion |
Retention schedules and secure deletion |
vendor-privacy-management |
Third-party risk and processor oversight |
privacy-engineering |
Technical privacy controls and PETs |
us-state-privacy-laws |
CCPA/CPRA, state privacy legislation |
healthcare-privacy |
HIPAA, health data protection |
global-privacy-regulations |
LGPD, PIPL, DPDP Act, POPIA |
privacy-audit-certification |
Privacy audits, certifications, and standards |
Every skill must contain exactly 5 files:
- YAML frontmatter as specified above
- Body under 500 lines
- Progressive disclosure: lean SKILL.md with details in references/
- Sections: Overview, key concepts, decision criteria, integration points
- Minimum 2 real regulatory citations with article numbers
- Include primary legislation, regulatory guidance, and enforcement precedents
- Use exact article references (e.g., "GDPR Article 35(7)(c)")
- Include publication dates and document identifiers
- Step-by-step procedural guidance
- Organised in numbered phases and steps
- Actionable instructions, not abstract principles
- Decision points with clear criteria
- Syntactically valid Python 3 (must pass
python3 -m py_compile) - Functional tool that implements the skill logic
- Includes
if __name__ == "__main__":block with realistic sample data - Uses only standard library modules (no external dependencies)
- Produces formatted output when run
- Fully completed template using a realistic example organisation
- No empty fields, no placeholder text
- Demonstrates how the skill output looks in practice
- Includes realistic dates, names, findings, and recommendations
Before submitting your pull request, verify:
-
namein frontmatter matches the parent directory name exactly -
descriptionis under 1024 characters -
SKILL.mdbody is under 500 lines -
references/standards.mdcontains 2+ real regulatory citations -
references/workflows.mdhas numbered procedural steps -
scripts/process.pypassespython3 -m py_compile -
assets/template.mdis fully filled with realistic data - No placeholder text: no
TODO,TBD,[insert],example.com,PLACEHOLDER - No synthetic or fabricated regulatory citations
- All GDPR article references are accurate
- Enforcement precedents include real case references and fine amounts
- Automated checks: GitHub Actions validates frontmatter, Python syntax, and placeholder detection
- Maintainer review: A maintainer reviews regulatory accuracy and skill quality
- Merge: Approved PRs are merged to
mainand included in the next release
Reviews typically complete within 5 business days. Maintainers may request changes for regulatory accuracy, formatting consistency, or quality improvements.
- Regulatory errors: Open an issue with the
regulatory-accuracylabel - Missing skills: Use the "New Skill Request" issue template
- Improvements: Use the "Skill Improvement" issue template
- Bugs: Use the "Bug Report" issue template
This project follows the Contributor Covenant v2.1. By participating, you agree to uphold this code.