Gdpr Data Export Tool
AdvisoryAudited by Static analysis on May 4, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If users paste real production data, schemas, or identifiers into the agent, sensitive personal-data handling details could be exposed outside the intended privacy team workflow.
The skill asks the user to map all systems that hold subject data. That is appropriate for GDPR export design, but it may place sensitive system and personal-data context into the agent conversation or generated worksheets.
Data stores — every database, search index, object store, log store, analytics store, and SaaS holding subject data
Use sanitized schemas where possible, avoid pasting raw personal data unless approved, and keep generated inventories and exports in approved secure locations.
Incorrectly scoped vendor access or use by an unauthorized person could expose customer records or business account data.
Fetching subject data from SaaS sub-processors can require delegated access to third-party systems and customer/account data. This is expected for a DSAR pipeline, but it is privileged activity.
Wire vendor coordination: per-DPA endpoints to fetch subject data (Stripe, Intercom, Segment, etc.)
Use least-privilege vendor credentials, confirm controller/processor authority before fetching data, and document each vendor request in the audit log.
A flawed pipeline could send incomplete data, the wrong subject’s data, or third-party data in an export package.
The workflow aggregates data across systems into packaged exports. A mistake in identity matching, shared-record minimization, or delivery configuration could propagate into the final export, although the skill also includes safeguards such as authentication and shared-data handling.
Design the export pipeline (worker + queue + storage); choose JSON/CSV/HTML packaging
Test with internal subjects before launch, require human review for edge cases, validate identity matching across stores, and enforce expiry and access controls on export links.