feat(agents): add Privacy Planner, SSSC reviewer, and privacy-standards skill #2168

Open
WilliamBerryiii wants to merge 9 commits into main from 2137-privacy-planner

@WilliamBerryiii

Member

feat(agents): add Privacy Planner, SSSC reviewer, and privacy-standards skill

Description

This PR adds a Privacy Planner capability to hve-core, following the same phase-based shape as the existing RAI, Security, SSSC, and Accessibility planners. The work introduces a planning agent, a thin reviewer, a domain skill with framework references, supporting requirements docs, and the collection and plugin wiring needed to distribute the new artifacts. It also adds a complementary SSSC Reviewer agent for supply-chain security review.

Privacy Planner and identity

The new .github/agents/privacy/privacy-planner.agent.md defines a six-phase workflow — Capture, Data Mapping, Risk+DPIA, Controls, Impact, Handoff — with capture and from-prd entry modes and state persisted under .copilot-tracking/privacy-plans/{project-slug}/state.json. Its companion .github/instructions/privacy/privacy-identity.instructions.md extends planner-identity-base with the phase definitions, a DPIA threshold hard gate that blocks progression from Phase 2 to Phase 5 when processing crosses a risk threshold, the state schema, and the resume protocol.

Privacy Standards skill

All domain knowledge lives in .github/skills/project-planning/privacy-standards/SKILL.md rather than in the agent. The skill carries a framework index, phase-to-framework mapping, and explicit citation fields, backed by six paraphrased reference files covering the NIST Privacy Framework, NISTIR 8062, GDPR, CCPA/CPRA, OWASP Top 10 Privacy Risks, and DPIA thresholds. Upstream attribution is preserved (OWASP CC-BY-SA-4.0, NIST public domain, paraphrased GDPR/CCPA).

Reviewer agents

.github/agents/privacy/privacy-reviewer.agent.md is a thin orchestrator with plan, review, and audit modes; when no privacy plan exists it falls back to reviewing the source PRD/BRD and records the absence as a gap. .github/agents/security/sssc-reviewer.agent.md provides an evidence-based supply-chain security reviewer with audit, diff, and plan-review modes.

Shared overlays, docs, and wiring

The shared overlays in .github/instructions/shared/disclaimer-language.instructions.md, .github/instructions/shared/planner-identity-base.instructions.md, .github/instructions/shared/telemetry-overlay.instructions.md, and .github/instructions/shared/untrusted-content-boundary.instructions.md were extended to apply to the new privacy-plans paths. Requirements were documented in docs/brds/privacy-planner-brd.md and docs/prds/privacy-planner-prd.md. The new artifacts were registered at experimental maturity in the hve-core-all, project-planning, and security collections, plugin outputs were regenerated (path config, symlinks, and README tables), and scripts/collections/Validate-Collections.ps1 now recognizes privacy as a collection domain.

Related Issue(s)

Closes #2137

Type of Change

Select all that apply:

Code & Documentation:

  • Bug fix (non-breaking change fixing an issue)
  • New feature (non-breaking change adding functionality)
  • Breaking change (fix or feature causing existing functionality to change)
  • Documentation update

Infrastructure & Configuration:

  • GitHub Actions workflow
  • Linting configuration (markdown, PowerShell, etc.)
  • Security configuration
  • DevContainer configuration
  • Dependency update

AI Artifacts:

  • Reviewed contribution with prompt-builder agent and addressed all feedback
  • Copilot instructions (.github/instructions/*.instructions.md)
  • Copilot prompt (.github/prompts/*.prompt.md)
  • Copilot agent (.github/agents/*.agent.md)
  • Copilot skill (.github/skills/*/SKILL.md)
  • Eval spec added/updated for changed AI artifacts (evals/)

Note for AI Artifact Contributors:

  • Agents: Research, indexing/referencing other project (using standard VS Code GitHub Copilot/MCP tools), planning, and general implementation agents likely already exist. Review .github/agents/ before creating new ones.
  • Skills: Must include both bash and PowerShell scripts. See Skills.
  • Model Versions: Only contributions targeting the latest Anthropic and OpenAI models will be accepted. Older model versions (e.g., GPT-3.5, Claude 3) will be rejected.
  • See Agents Not Accepted and Model Version Requirements.

Other:

  • Script/automation (.ps1, .sh, .py)
  • Other (please describe):

Sample Prompts (for AI Artifact Contributions)

User Request:

"Start a privacy plan for our new customer analytics service that ingests account profiles and usage events."

Execution Flow:

  1. The Privacy Planner initializes a capture session and writes state to .copilot-tracking/privacy-plans/{project-slug}/state.json.
  2. It works through the six phases — Capture, Data Mapping, Risk+DPIA, Controls, Impact, Handoff — leading with processing activities and data flows before introducing standards vocabulary.
  3. During Risk+DPIA, the DPIA threshold gate evaluates the processing against the configured criteria; crossing the threshold hard-blocks progression to the Impact phase until the assessment completes.
  4. Findings cite sources from the privacy-standards skill (NIST Privacy Framework, NISTIR 8062, GDPR, CCPA/CPRA, OWASP Top 10 Privacy Risks).
  5. The Handoff phase emits backlog-ready items with privacy-specific fields.

Output Artifacts:

  • .copilot-tracking/privacy-plans/{project-slug}/state.json — session state and phase/gate results.
  • A privacy plan with data map, risk + DPIA assessment, controls, impact, and handoff items.

Success Indicators:

  • Each finding cites a specific control from one of the supported standards.
  • The DPIA gate status is recorded and respected before the Impact phase proceeds.
  • Collection and plugin validation recognizes the privacy artifacts.

Testing

  • Ran the repository linting and validation commands listed under Required Automated Checks; results are recorded in the checklist below.

Checklist

Required Checks

  • Documentation is updated (if applicable)
  • Files follow existing naming conventions
  • Changes are backwards compatible (if applicable)
  • Tests added for new functionality (if applicable)

AI Artifact Contributions

  • Used /prompt-analyze to review contribution
  • Addressed all feedback from prompt-builder review
  • Verified contribution follows common standards and type-specific requirements

Required Automated Checks

The following validation commands must pass before merging:

  • Markdown linting: npm run lint:md
  • Spell checking: npm run spell-check
  • Frontmatter validation: npm run lint:frontmatter
  • Skill structure validation: npm run validate:skills
  • Link validation: npm run lint:md-links
  • PowerShell analysis: npm run lint:ps
  • Eval spec schema and coverage (if AI artifacts changed): npm run eval:lint:schema
  • Plugin freshness: npm run plugin:generate
  • Docusaurus tests: npm run docs:test

Security Considerations

  • This PR does not contain any sensitive or NDA information
  • Any new dependencies have been reviewed for security issues
  • Security-related scripts follow the principle of least privilege

Additional Notes

  • The privacy-standards reference files paraphrase upstream standards with attribution rather than reproducing them verbatim, consistent with the repository licensing posture.
  • The large deletion count in the diff is concentrated in regenerated collection and plugin README tables (formatting normalization), not removed functionality.

Add business and product requirements documents for the Privacy Planner workstream, introducing privacy as a first-class member of the planner family with a privacy-standards skill and Privacy Reviewer.

Refs #2137
…dards skill

- add privacy-planner and privacy-reviewer agents plus privacy-identity instructions
- add sssc-reviewer agent and project-planning privacy-standards skill with references
- extend shared disclaimer, telemetry, untrusted-content, and planner-identity overlays
- register artifacts across collections and regenerate plugin outputs

🔒 - Generated by Copilot
# Conflicts:
#	.github/instructions/shared/disclaimer-language.instructions.md
#	.github/instructions/shared/untrusted-content-boundary.instructions.md
#	collections/hve-core-all.collection.md
#	plugins/hve-core-all/README.md
@WilliamBerryiii WilliamBerryiii requested a review from a team as a code owner June 26, 2026 04:51
@codecov-commenter

codecov-commenter commented Jun 26, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.94%. Comparing base (44b42d4) to head (c0b48fb).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2168      +/-   ##
==========================================
- Coverage   81.24%   78.94%   -2.31%     
==========================================
  Files         127       95      -32     
  Lines       18831    13486    -5345     
  Branches       12       12              
==========================================
- Hits        15300    10647    -4653     
+ Misses       3528     2836     -692     
  Partials        3        3              

| Flag | Coverage Δ |
| --- | --- |
| docusaurus | 61.84% <ø> (ø) |
| pester | 86.04% <100.00%> (-0.02%) ⬇️ |
| pytest | 69.07% <ø> (-8.83%) ⬇️ |

Flags with carried forward coverage won't be shown. Click here to find out more.

| Files with missing lines | Coverage Δ |
| --- | --- |
| scripts/collections/Validate-Collections.ps1 | 93.91% <100.00%> (+0.02%) ⬆️ |

... and 34 files with indirect coverage changes

@github-actions

github-actions Bot commented Jun 26, 2026

Contributor

Eval Execution

Status: Failed

  • Artifacts evaluated: 10
  • Specs run: 3
  • Assertions passed: 1470
  • Assertions failed: 583
  • Failed specs: 1

| Artifact | Kind | Status | Passed | Failed |
| --- | --- | --- | --- | --- |
| privacy-planner | agent | ❌ fail | 191 | 68 |
| privacy-reviewer | agent | ❌ fail | 191 | 68 |
| sssc-reviewer | agent | ❌ fail | 191 | 68 |
| privacy-identity | instruction | ❌ fail | 87 | 61 |
| disclaimer-language | instruction | ❌ fail | 87 | 61 |
| planner-identity-base | instruction | ❌ fail | 87 | 61 |
| telemetry-overlay | instruction | ❌ fail | 87 | 61 |
| untrusted-content-boundary | instruction | ❌ fail | 87 | 61 |
| privacy-standards | skill | ❌ fail | 231 | 37 |
| backlog-templates | skill | ❌ fail | 231 | 37 |

… lint failures

Author eval stimulus partials for privacy-planner, privacy-reviewer, and sssc-reviewer and regenerate AGENTS.yml and eval.yaml. Add DPIA, CPRA, NISTIR, LINDDUN, offence, overclaiming to the cspell dictionaries. Add the standard Copilot footer to the privacy BRD and PRD. Trim the shared disclaimer-language intro and authoring comment so the adr-creation cold-start payload stays under the 44000-byte PD-04 budget.

@katriendg katriendg left a comment

Contributor

Code review — Privacy Planner, SSSC Reviewer, privacy-standards skill

First, thank you for this — it's a substantial, well-structured contribution. The phase-based Privacy Planner cleanly mirrors the sibling-planner shape, the domain knowledge is correctly isolated in the privacy-standards skill with proper mixed-license attribution, the collection/plugin wiring is complete, the state.json schema is isomorphic to the other planners, and the shared applyTo overlays are consistent and well-formed. Really nice work.

Note on CI: I can see the Eval Validation / Eval Execute jobs (agent/instruction/prompt/skill) are still failing. I understand those are in-flight and you're already addressing them, so I have not factored the CI state into this review or its verdict.

With that set aside, two items drive the request for changes plus two minor notes:

🔴 High — Hardcoded non-relative skill path (portability)

.github/agents/security/sssc-reviewer.agent.md (lines 25 and 88) references the supply-chain-security skill by a repo-root-relative SKILL.md path. Per prompt-builder.instructions.md ("Skill Invocation from Callers"), skills must be invoked by name, never by hardcoded path — .github/skills/ does not exist in plugin or extension distributions, so this breaks in delivered contexts. The sibling security-reviewer.agent.md does not use this pattern. Inline suggestions provided.

🟡 Medium — FR-005 / AC-005 (backlog handoff) not implemented

The PRD (FR-005, AC-005, DD-004) requires Privacy to register as a 5th backlog-templates caller and emit an augmentation block with data_category, processing_purpose, dpia_ref, lawful_basis, and risk_tier (severity-to-priority mapped). backlog-templates/SKILL.md was not modified — its Callers list and per-planner field blocks still cover only RAI, Security, SSSC, and Accessibility — and no privacy field contract appears in the Phase 6 Handoff. Inline note on the handoff section.

🟢 Low — DPIA gate phase numbering vs PRD

The PRD describes the DPIA hard gate at the "Phase 2 → Phase 5" transition, but the implemented six-phase model places the gate in Phase 3 (Risk + DPIA). Intent is preserved; the phase numbers just don't line up. Worth reconciling for traceability.

🟢 Low — Privacy Reviewer disclaimer source pointer

privacy-reviewer.agent.md step 6 says "re-surface the professional review disclaimer" without pointing to the canonical disclaimer-language.instructions.md source the way the Privacy Planner does.


Validated clean: collection inclusion + subagent dependencies, relative skill references, applyTo patterns, instruction cross-references, schema consistency, and licensing attribution. Disclaimer: this is an AI-assisted review for human consideration, not a substitute for qualified human validation.

Comment thread .github/agents/security/sssc-reviewer.agent.md Outdated
Comment thread .github/agents/security/sssc-reviewer.agent.md Outdated
Comment thread .github/instructions/privacy/privacy-identity.instructions.md Outdated
Comment thread .github/instructions/privacy/privacy-identity.instructions.md
Comment thread .github/agents/privacy/privacy-reviewer.agent.md Outdated
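
An added example, not part of the review or the project's own tooling: a minimal lint for the High finding above, reporting repo-root `.github/skills/` paths in `*.agent.md` files with their line numbers. The function names, the sample agent text, and its `example-domain` path are constructed for illustration.

```python
import re

# The review notes that .github/skills/ does not exist in plugin or extension
# distributions, so any such path inside an agent file is reported.
SKILL_PATH = re.compile(r"\.github/skills/[\w./-]+")

# Constructed path and sample agent file (not the real sssc-reviewer.agent.md).
SAMPLE_PATH = ".github/skills/example-domain/supply-chain-security/SKILL.md"
SAMPLE_AGENT = f"""\
---
name: Example Reviewer
---
# Example Reviewer

Read `{SAMPLE_PATH}` first.

## Steps

1. Load the supply-chain-security skill by name.
2. See [the skill]({SAMPLE_PATH}).
"""


def find_hardcoded_skill_paths(text):
    """Return (line_number, path) for every repo-root skill path in text."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        for match in SKILL_PATH.finditer(line):
            # Drop a sentence-ending period that the character class swallowed.
            findings.append((number, match.group(0).rstrip(".")))
    return findings


def scan(files):
    """files maps path -> content; only *.agent.md files are checked."""
    report = {}
    for path, text in files.items():
        if not path.endswith(".agent.md"):
            continue
        hits = find_hardcoded_skill_paths(text)
        if hits:
            report[path] = hits
    return report


if __name__ == "__main__":
    for path, hits in scan({"example-reviewer.agent.md": SAMPLE_AGENT}).items():
        for number, skill_path in hits:
            print(f"{path}:{number}: hardcoded skill path {skill_path}")
```

Invocation by name, as in step 1 of the sample, produces no finding; only the two path-style references are reported.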
Add advisory behavior-conformance stimuli for the privacy-identity, planner-identity-base, telemetry-overlay, and untrusted-content-boundary instructions and the privacy-standards skill so the stimulus-presence gate passes for the changed AI artifacts.
…s PR review

- reference supply-chain-security skill by name in SSSC reviewer (portability)

- register Privacy as 5th backlog-templates caller with augmentation fields

- add Privacy backlog handoff contract and DPIA phase-mapping note

- cite Privacy Review disclaimer source in privacy reviewer

🔒 - Generated by Copilot
Add advisory behavior-conformance coverage for the backlog-templates skill, whose SKILL.md was updated to include the Privacy planner, and regenerate the hve-core-all, project-planning, and security collection and plugin READMEs so the backlog-templates description propagates.
* Entry: Phase 5 complete (impact summary reviewed)
* Activities: present the complete privacy plan for review, generate the handoff summary, and hand off to backlog or implementation workflows using the Backlog Handoff Contract
* Exit: user confirms acceptance of the privacy plan
* Artifacts: final privacy plan, handoff summary

@jkim323 jkim323 Jun 26, 2026

Collaborator

Thoughts on tightening this phase by adding:

Activities: present the complete privacy plan for review, generate the handoff summary, and hand off to backlog or implementation workflows using the [Backlog Handoff Contract](#backlog-handoff-contract)
Exit: user confirms acceptance of the privacy plan and handoff

I think it might help with staying consistent with the SSSC planner wordings.

…for clarity

- clarify the link to the Backlog Handoff Contract
- specify that user confirms acceptance of the privacy plan and handoff

🔧 - Generated by Copilot

Development

Successfully merging this pull request may close these issues.

feat: Add Privacy Planner to the planner family

4 participants