avra-cadavra/.cursor/skills/privacy-protection-patterns
.cursor/skills/privacy-protection-patterns/SKILL.md
--- name: privacy-protection-patterns description: Enforces privacy protection patterns: anonymization, no PII in logs, secure data handling, GDPR compliance. Use when handling user data, implementing AI2AI, or ensuring privacy compliance. --- # Privacy Protection Patterns ## Core Principle **Complete privacy protection with zero personal data exposure for AI2AI personality learning.** ## Anonymization Pattern ### Anonymize Personal Data ```dart /// Anonymize personality profile for AI2AI c
testing
Updated Apr 4, 2026
$ install --global
skillsauthnpx skillsauth add avra-cadavra/avrai .cursor/skills/privacy-protection-patternsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 23, 2026, 1:35 AM1.7s1 file scanned
SKILL.md
- name:
- privacy-protection-patterns
- description:
- Enforces privacy protection patterns: anonymization, no PII in logs, secure data handling, GDPR compliance. Use when handling user data, implementing AI2AI, or ensuring privacy compliance.
Privacy Protection Patterns
Core Principle
Complete privacy protection with zero personal data exposure for AI2AI personality learning.
Anonymization Pattern
Anonymize Personal Data
/// Anonymize personality profile for AI2AI communication
/// Ensures zero personal data exposure while preserving learning value
Future<AnonymizedPersonalityData> anonymizePersonalityProfile(
PersonalityProfile profile,
) async {
// Generate cryptographically secure random salt
final salt = _generateSecureSalt();
// Create anonymized dimension vectors (no personal identifiers)
final anonymizedDimensions = await _anonymizeDimensions(
profile.dimensions,
salt,
);
// Create personality archetype hash (no personal identifiers)
final archetypeHash = await _createArchetypeHash(profile.archetype, salt);
// Generate anonymized fingerprint
final fingerprint = await _createAnonymizedFingerprint(
anonymizedDimensions,
archetypeHash,
salt,
);
return AnonymizedPersonalityData(
anonymizedDimensions: anonymizedDimensions,
archetypeHash: archetypeHash,
fingerprint: fingerprint,
// NO user ID, email, name, or other PII
);
}
No Personal Identifiers
/// ❌ BAD: Contains personal identifiers
class BadPersonalityData {
final String userId; // ❌ Personal identifier
final String email; // ❌ Personal identifier
final String name; // ❌ Personal identifier
final PersonalityDimensions dimensions;
}
/// ✅ GOOD: Anonymized data only
class AnonymizedPersonalityData {
final Map<String, double> anonymizedDimensions; // ✅ Anonymized
final String archetypeHash; // ✅ Hash, not personal data
final String fingerprint; // ✅ Anonymous fingerprint
// NO personal identifiers
}
Logging Privacy
❌ NEVER Log Personal Data
// ❌ BAD: Logs personal data
developer.log('User ${user.email} signed in'); // ❌ Email in logs
developer.log('Processing payment for ${user.name}'); // ❌ Name in logs
developer.log('User ID: ${user.id}'); // ❌ User ID in logs (if sensitive)
✅ Log Anonymized Data
// ✅ GOOD: Anonymized logging
developer.log('User signed in', name: 'AuthService');
developer.log('Processing payment', name: 'PaymentService');
developer.log('User operation completed', name: 'UserService');
// No personal identifiers in logs
Secure Data Handling
Encrypt Sensitive Data
/// Encrypt sensitive data at rest
Future<String> encryptSensitiveData(String data) async {
final key = await _getEncryptionKey();
final encrypted = await encrypt(data, key: key);
return encrypted;
}
/// Decrypt sensitive data
Future<String> decryptSensitiveData(String encrypted) async {
final key = await _getEncryptionKey();
final decrypted = await decrypt(encrypted, key: key);
return decrypted;
}
Secure Storage
/// Store sensitive data securely
class SecureStorageService {
final FlutterSecureStorage _secureStorage;
Future<void> storeSensitiveData(String key, String value) async {
await _secureStorage.write(
key: key,
value: value,
// Encrypted at rest
);
}
Future<String?> getSensitiveData(String key) async {
return await _secureStorage.read(key: key);
}
}
AI2AI Privacy Requirements
Anonymized Data Exchange
/// AI2AI data exchange must be anonymized
Future<void> exchangePersonalityData(Device device) async {
// Extract anonymized personality (no PII)
final anonymizedData = await PrivacyProtection.anonymizePersonalityProfile(
_user.personality,
);
// Exchange anonymized data only
await _sendToDevice(device, anonymizedData);
// Never send: userId, email, name, or other PII
}
Privacy Validation
/// Validate anonymization quality
Future<bool> validateAnonymization(
PersonalityProfile original,
AnonymizedPersonalityData anonymized,
) async {
// Verify no personal identifiers present
final hasPersonalData = anonymized.fingerprint.contains(
RegExp(r'user|email|name|id'),
);
if (hasPersonalData) {
developer.log('Privacy violation: Personal data in anonymized data');
return false;
}
return true;
}
GDPR Compliance
Data Minimization
/// Collect only necessary data
class DataCollectionService {
/// ❌ BAD: Collect unnecessary data
Future<void> collectUserDataBad() async {
// Collecting more than necessary
await store('email', email);
await store('phone', phone);
await store('address', address);
}
/// ✅ GOOD: Collect only necessary data
Future<void> collectUserDataGood() async {
// Collect only what's needed for functionality
await store('personality_dimensions', dimensions);
// Don't collect: email, phone, address (unless required)
}
}
Right to Deletion
/// Implement user data deletion
Future<void> deleteUserData(String userId) async {
// Delete all user data
await _database.delete('users', where: 'id = ?', whereArgs: [userId]);
await _database.delete('spots', where: 'userId = ?', whereArgs: [userId]);
await _secureStorage.delete(key: userId);
// Log deletion (anonymized)
developer.log('User data deleted', name: 'DataDeletionService');
}
Privacy Checklist
- [ ] No personal identifiers in logs
- [ ] All AI2AI data is anonymized
- [ ] Sensitive data encrypted at rest
- [ ] Secure storage for sensitive data
- [ ] Data minimization (collect only necessary)
- [ ] User data deletion supported
- [ ] No PII in error messages
- [ ] Privacy validation in place
- [ ] GDPR compliance verified
Reference
lib/core/ai/privacy_protection.dart- Privacy protection implementationlib/core/models/anonymized_personality_data.dart- Anonymized data models
Related Skills
avra-cadavra/.cursor/skills/world-model-development
development
VerifiedTrustedCommunity
--- name: world-model-development description: Guides world model development patterns: state/action encoders, ONNX inference, feature extraction pipeline, latency budgets. Use when implementing world model components, state encoders, action encoders, feature extractors, or ONNX models. Core skill for Phases 3-6. --- # World Model Development Patterns ## Core Principle All world model components follow LeCun's autonomous machine intelligence framework. State observations flow through a percep
SKILL.mdUpdated Apr 4, 2026
avra-cadavra/workflow-controller-pattern
tools
VerifiedTrustedCommunity
Implements base workflow controller patterns for multi-step processes. Use when creating complex workflows that require orchestration of multiple steps with error handling and rollback.
SKILL.mdUpdated Apr 4, 2026
avra-cadavra/.cursor/skills/widget-test-patterns
testing
VerifiedTrustedCommunity
--- name: widget-test-patterns description: Guides widget test patterns: BLoC testing, user interactions, state changes, material app setup. Use when writing widget tests, testing UI components, or validating widget behavior. --- # Widget Test Patterns ## Core Pattern Widget tests verify UI behavior: user interactions, state changes, and visual display. ## Basic Widget Test Setup ```dart testWidgets('widget displays correctly', (WidgetTester tester) async { // Arrange: Create widget awa
SKILL.mdUpdated Apr 4, 2026
avra-cadavra/.cursor/skills/test-template-generation
testing
VerifiedTrustedCommunity
--- name: test-template-generation description: Generates test templates: unit, widget, integration, service tests following project patterns. Use when creating new tests or ensuring tests follow project standards. --- # Test Template Generation ## Available Templates Test templates are located in `test/templates/`: - `unit_test_template.dart` - `widget_test_template.dart` - `integration_test_template.dart` - `service_test_template.dart` ## Unit Test Template ```dart /// SPOTS Component Uni
SKILL.mdUpdated Apr 4, 2026