Agent Skills
Discover and share powerful Agent Skills for AI assistants
posthog-data-handling - Agent Skill - Agent Skills
/ Skills / posthog-data-handling Implement PostHog PII handling, data retention, and GDPR/CCPA compliance patterns.
Use when handling sensitive data, implementing data redaction, configuring retention policies,
or ensuring compliance with privacy regulations for PostHog integrations.
Trigger with phrases like "posthog data", "posthog PII",
"posthog GDPR", "posthog data retention", "posthog privacy", "posthog CCPA".
Use the skills CLI to install this skill with one command. Auto-detects all installed AI assistants.
Method 1 - skills CLI
npx skills i jeremylongshore/claude-code-plugins-plus-skills/plugins/saas-packs/posthog-pack/skills/posthog-data-handlingMethod 2 - openskills (supports sync & update)
npx openskills install jeremylongshore/claude-code-plugins-plus-skillsAuto-detects Claude Code, Cursor, Codex CLI, Gemini CLI, and more. One install, works everywhere.
Installation Path
Download and extract to one of the following locations:
Claude Code Cursor OpenCode Gemini CLI Codex CLI
~/.claude/skills/posthog-data-handling/ Back No setup needed. Let our cloud agents run this skill for you.
Select Model
Claude Haiku 4.5 $0.10 Claude Sonnet 4.5 $0.20 Claude Opus 4.5 $0.50 Claude Sonnet 4.5 $0.20 /task
Best for coding tasks
No setup required
Handle sensitive data correctly when integrating with PostHog.
Understanding of GDPR/CCPA requirements
PostHog SDK with data export capabilities
Database for audit logging
Scheduled job infrastructure for cleanup
Category Examples Handling PII Email, name, phone Encrypt, minimize Sensitive API keys, tokens Never log, rotate Business Usage metrics Aggregate when possible Public Product names Standard handling
const PII_PATTERNS = [ { type: 'email' , regex: / [a-zA-Z0-9._%+-] + @ [a-zA-Z0-9.-] + \. [a-zA-Z] {2,} / g }, { type: 'phone' , regex: / \b \d {3} [-.] ? \d {3} function redactPII ( data : Record < string , any >) : Record < string , any > { const sensitiveFields = [ 'email' , 'phone' , 'ssn' , 'password' , 'apiKey' ]; const redacted = Data Type Retention Reason API logs 30 days Debugging Error logs 90 days Root cause analysis Audit logs 7 years Compliance PII Until deletion request GDPR/CCPA
async function cleanupPostHogData ( retentionDays : number ) : Promise < void > { const cutoff = new Date (); cutoff. setDate (cutoff. getDate () - retentionDays);
await db.posthogLogs. deleteMany ({ createdAt: { $lt: cutoff }, type: { $nin: [ 'audit' async function exportUserData ( userId : string ) : Promise < DataExport > { const posthogData = await posthogClient. getUserData (userId);
return { source: 'PostHog' , exportedAt: new Date (). toISOString (), data: { profile: posthogData.profile, async function deleteUserData ( userId : string ) : Promise < DeletionResult > { // 1. Delete from PostHog await posthogClient. deleteUser (userId);
// 2. Delete local copies await db.posthogUserCache. deleteMany ({ userId });
// 3. Audit log (required to keep) await auditLog. record ({ action: // Only request needed fields const user = await posthogClient. getUser (userId, { fields: [ 'id' , 'name' ], // Not email, phone, address });
// Don't store unnecessary data const cacheData = { id: user.id, name: user.name, // Omit sensitive fields }; Categorize all PostHog data by sensitivity level.
Add regex patterns to detect sensitive data in logs.
Apply redaction to sensitive fields before logging.
Configure automatic cleanup with appropriate retention periods.
Data classification documented
PII detection implemented
Redaction in logging active
Retention policy enforced
Issue Cause Solution PII in logs Missing redaction Wrap logging with redact Deletion failed Data locked Check dependencies Export incomplete Timeout Increase batch size Audit gap Missing entries Review log pipeline
const findings = detectPII ( JSON . stringify (userData)); if (findings. length > 0 ) { console. warn ( `PII detected: ${ findings . map ( f => f . type ). join ( ', ' ) }` ); } const safeData = redactPII (apiResponse); logger. info ( 'PostHog response:' , safeData); const userExport = await exportUserData ( 'user-123' ); await sendToUser (userExport); For enterprise access control, see posthog-enterprise-rbac.
[-.]
?
\d
{4}\b
/
g
},
{ type: 'ssn' , regex: / \b \d {3} - \d {2} - \d {4}\b / g },
{ type: 'credit_card' , regex: / \b \d {4} [- ] ? \d {4} [- ] ? \d {4} [- ] ? \d {4}\b / g },
];
function detectPII ( text : string ) : { type : string ; match : string }[] {
const findings : { type : string ; match : string }[] = [];
for ( const pattern of PII_PATTERNS ) {
const matches = text. matchAll (pattern.regex);
for ( const match of matches) {
findings. push ({ type: pattern.type, match: match[ 0 ] });
}
}
return findings;
}
{
...
data };
for ( const field of sensitiveFields) {
if (redacted[field]) {
redacted[field] = '[REDACTED]' ;
}
}
return redacted;
}
// Use in logging
console. log ( 'PostHog request:' , redactPII (requestData));
,
'compliance'
] },
});
}
// Schedule daily cleanup
cron. schedule ( '0 3 * * *' , () => cleanupPostHogData ( 30 ));
activities: posthogData.activities,
// Include all user-related data
},
};
}
'GDPR_DELETION'
,
userId,
service: 'posthog' ,
timestamp: new Date (),
});
return { success: true , deletedAt: new Date () };
}
Claude Sonnet 4.5