Tutorials & How-Tos
Digital Hygiene Workflows for Privacy
A roundup of ClawFlows workflows for digital hygiene — session clearing, OAuth revocation, cookie cleanup, and the routines that protect your privacy.
A roundup of ClawFlows workflows for digital hygiene — session clearing, OAuth revocation, cookie cleanup, and the routines that protect your privacy.
Privacy isn't primarily about high-profile breaches. It's about accumulation. Every website you authorized with OAuth that you never revoked. Every old account with a password you reused. Every tracking cookie set in 2019 that's still helping some ad network follow you. Every session that never logged out. The damage compounds quietly, one small decision at a time.
Fixing it also compounds — but only if you actually do the work. The ClawFlows Security & Privacy category includes workflows specifically for digital hygiene: the routines that clean up exposure you didn't realize you had. Running them weekly is the closest thing to a privacy firewall most solo users will ever have.
Digital hygiene is the practice of regularly cleaning up your digital footprint the way you'd clean a kitchen. Not because anything's obviously dirty, but because it accumulates gunk over time.
Specifically, it means:
Each task is boring individually. Collectively, they're the difference between a tight privacy posture and a porous one.
Reads your OAuth grants from major providers (Google, GitHub, Microsoft, Apple) and flags grants that:
Produces a list of candidates. You decide which to revoke. The workflow can revoke them for you if you give it permission, or just surface them for manual action.
Selectively clears browser cookies and sessions based on age and domain. Preserves the sites you actually use (configured allowlist) and purges the rest. Does the same for logged-in sessions.
Running this weekly keeps your browser state clean without logging you out of the sites you care about.
On mobile (via a companion skill), reads the permissions each app has on your phone. Flags over-permissioned apps — especially ones accessing location, contacts, or microphone when they don't need to.
The first run is eye-opening for most people. You discover apps have access they shouldn't.
Queries a list of data broker databases for your name, email, and phone number. Produces a report of where your information appears. Some entries can be opted-out programmatically; others require manual action.
This is tedious but important. Data brokers are the long tail of privacy exposure.
Identifies accounts you haven't logged into in 12+ months based on emails in your inbox (password resets, welcome emails, newsletters). Produces a list of candidates for deletion with links to the deletion flow for each service if known.
A weekly digital hygiene routine:
Total time: about 10 minutes. Most of that is reviewing the OAuth output and deciding what to revoke.
Monthly, add:
Quarterly, add:
The compounding argument cuts both ways. Small bits of exposure accumulate weekly. Small bits of cleanup also need to happen weekly, or the backlog becomes daunting.
A weekly 10-minute cleanup is sustainable forever. A quarterly 4-hour cleanup is sustainable for one quarter and then gets skipped. Choose the sustainable schedule.
Digital hygiene complements active security:
Together, these cover most of the personal security surface area a solo user can realistically manage.
Ways people customize digital hygiene workflows:
Browser support varies. The workflow is most complete on Firefox and Brave because their session/cookie APIs are more accessible. Chrome and Safari work too but with some manual steps.
The nikilster/clawflows repo has browser-specific notes in the workflow READMEs.
Digital hygiene isn't just self-interest. Every OAuth grant you leave active is a potential data path for a breach to compromise your contacts, colleagues, and collaborators. Every old account with a reused password is a vulnerability for other accounts. Maintaining your own hygiene is a form of care for the people connected to you.
No, it complements one. If you use Brave or Firefox with good extensions, digital hygiene workflows are the cleanup layer on top of that.
The workflow doesn't pay for opt-outs. It identifies the broker and provides the link; the opt-out process is up to you. Some brokers charge; most don't.
The workflows can use GDPR rights where applicable — some of them produce template deletion requests for GDPR-covered services. But the workflows work regardless of jurisdiction.
Only if you have their authorization. Digital hygiene is personal data management, and running it on another person without consent is not appropriate.
If configured correctly (with allowlists for your active sites), no. Misconfigurations can log you out of sites. The workflow supports a dry-run mode to preview changes before making them.
Digital hygiene is boring but compounding. Skip it for a year and your exposure surface doubles. Run it weekly for a year and you have a tight, intentional digital footprint.
Install ClawFlows (see How to Install ClawFlows in One Command), configure the hygiene workflows, and schedule them weekly. Your privacy posture will be dramatically better within a month.
Explore all 113 workflows at aiskill.market/workflows or submit your own.
Enterprise-grade security auditing skills from Trail of Bits. Run CodeQL and Semgrep analyses, detect vulnerabilities, and enforce security best practices in your codebase.
Secure environment variable management ensuring secrets are never exposed in Claude sessions or git
Security Blue Book Builder is a Claude Code skill that helps development teams create concise, normative security policies for applications handling sensitive data such as PII, PHI, or financial infor
Extract and analyze file metadata for forensic purposes and investigations