posthog-data-handling

The skill content is coherently aligned with its stated purpose of PostHog data handling and privacy/compliance patterns. It describes PII detection, redaction, retention, and GDPR/CCPA workflows with reasonable separation of concerns and defensible security practices. There are no evident malicious data exfiltration patterns, and no usage of unverifiable binaries. Minor concerns include ensuring all logging surfaces consistently redact data before emission, clarifying TLS/transport safeguards within code vs. environment, and harmonizing retention periods so PII deletion aligns with audit needs. Overall, the footprint is Benign with moderate security considerations to address in a real deployment.