Last updated 2026-07-16.
skillmoo scan reads your skills, writes
nothing, and uploads nothing unless you explicitly pass --publish.| Data | Why | Kept for |
|---|---|---|
| GitHub username, name, avatar URL | To show who's signed in | Until you delete your account |
| Your GitHub email | To attach your subscription and send receipts / service notices | Until you delete your account |
| A session token (stored hashed) | To keep you signed in | 30 days, or until you sign out |
| A monthly counter of optimizes used | To enforce the free tier's 3/month | Expires ~2 months after the month it counts |
| Subscription status + Paddle customer id | To know whether you're Pro | While you have a subscription |
| Coarse rate-limit counters keyed to your IP | Anti-abuse; bounds our model bill | Minutes to hours, then auto-expires |
We do not sell any of it, and we never will. There is no advertising on SkillMOO and no data-broker relationship to disclose.
Detection (free): runs entirely in your browser — analysis, grading, ZIP reading, all of it. Your skill never reaches our servers.
One-click optimize (Pro): this is the one operation that leaves your device, and it only happens after you click and confirm. The skill text is sent to our server, which forwards it to DeepSeek to produce the rewrite. It is used for that single request and then discarded: we do not store it, log it, or train on it. We ask DeepSeek to process it and return a result; we do not grant them rights to it.
Sharing a report (--publish, optional): uploads only the derived
report — grades, findings, token counts — never the file's contents, with your home directory
paths stripped to ~.
One: a session cookie (__Host-smoo_sess), set only when you sign in, marked
HttpOnly and Secure so no script can read it. It is strictly necessary to keep you signed in, so
it needs no consent banner. We use no analytics, advertising, or cross-site tracking cookies. A
short-lived second cookie exists for ten minutes during the sign-in handshake to prevent CSRF,
then is deleted.
| Provider | What they handle |
|---|---|
| Cloudflare | Hosting and serving this site |
| Upstash | The database holding sessions, quota, entitlements |
| GitHub | Sign-in (they tell us who you are; we tell them nothing about you) |
| DeepSeek | The semantic rewrite — only for skills you explicitly optimize |
| Paddle | Merchant of Record: payments, tax, invoices, refunds. They hold your payment details; we never do. |
The data controller is Shawn C., an independent developer based in China — SkillMOO is one person, not a company. Reach him at [email protected].
Your data is not stored in China. It lives on Cloudflare and Upstash infrastructure (see the table above). Since the operator is outside the EU and UK, your data is processed outside them as well; the lawful basis is that it is necessary to provide the service you asked for, and — for the semantic rewrite specifically — your explicit click.
You can ask us to show you everything we hold about you, correct it, or delete it — including your whole account. Email [email protected] from your account's address and we'll do it within 30 days, usually much sooner. Deleting your account removes your profile, sessions, and counters. We may keep the minimum billing records Paddle and tax law require, which is a legal obligation we can't waive.
Depending on where you live (EU/UK GDPR, China's PIPL, California's CCPA, and others) you may have additional rights, including to object or complain to a regulator. We honour them regardless of where you are — it's simpler and fairer than sorting users by passport.
Sessions are random tokens stored only as a hash, so even a database dump yields no usable session. Payment data never touches our servers. Secrets live in host environment variables, never in the code. We're a small team and can't promise perfection, but we can promise we won't quietly hide a breach: if one affects you, we'll tell you.
If we change this policy materially we'll update the date above and, for signed-in users, say so by email.