npx claudepluginhub haabe/mycelium --plugin myceliumThis skill uses the workspace's default tool permissions.
Privacy by Design assessment.
Conducts GDPR compliance assessments for systems or processing activities, including data mapping, lawful basis checks, DPIA evaluation, data subject rights review, and prioritized remediation roadmaps.
Conduct Privacy Impact Assessments (PIA) to evaluate privacy risks and compliance for data processing activities.
Implements GDPR-compliant data handling with consent management, data subject rights, and privacy by design. For systems processing EU personal data, privacy controls, or compliance reviews.
Share bugs, ideas, or general feedback.
Privacy by Design assessment.
Proactive not Reactive: Are privacy measures built in from the start?
Privacy as Default: Is the most private option the default?
Privacy Embedded in Design: Is privacy integral to the system?
Positive-Sum, not Zero-Sum (originally "Full Functionality"): Privacy without trade-offs?
End-to-End Security: Data protected throughout its lifecycle?
Visibility and Transparency: Is data processing transparent?
Respect for User Privacy: Are user interests centered?
## Privacy Assessment: [Feature/System]
### PbD Principles
| Principle | Status | Notes |
|-----------|--------|-------|
| Proactive | Pass/Fail | ... |
| Default privacy | Pass/Fail | ... |
| Embedded | Pass/Fail | ... |
| Full functionality | Pass/Fail | ... |
| End-to-end security | Pass/Fail | ... |
| Transparency | Pass/Fail | ... |
| User respect | Pass/Fail | ... |
### Data Inventory
| Data | Purpose | Basis | Retention | Protection |
|------|---------|-------|-----------|-----------|
| ... | ... | ... | ... | ... |
### Risks and Recommendations
1. [risk and recommended action]
APPEND a ### Privacy Assessment entry to .claude/harness/decision-log.md with: principles assessed, data flows identified, risks found, GDPR compliance status.