This walks through a five-phase privacy review that catches runtime issues code review misses: tracking scripts firing before consent, PII leaking into URLs or console logs, undocumented third-party cookies, and fingerprinting attempts. It spins up a browser session to actually test your consent banner, inspect storage and network requests, and validate against GDPR Article 7, CCPA, and ePrivacy requirements. Most useful before launching in regulated jurisdictions or after adding analytics tools, when you need evidence of what's actually happening in the browser rather than what the code says should happen. The structured checks and evidence collection make it easier to document compliance or explain findings to legal teams.
npx skills add https://github.com/shiplightai/agent-skills --skill privacy-review