clickup-data-handling

# ClickUp Data Handling ## Overview Handle sensitive data from ClickUp API v2 responses. ClickUp task data often contains PII (assignee emails, names) and business-sensitive information (task descriptions, comments, custom field values). ## ClickUp Data Classification | Data Source | PII Risk | Handling | |-------------|----------|----------| | `/user` response | High (email, username) | Redact in logs | | `/team` members | High (emails, names) | Minimize; cache only IDs | | Task assignees | Medium (user IDs, names) | Aggregate when possible | | Task descriptions | Variable (may contain PII) | Scan before storing | | Custom field values | High (email, phone fields) | Encrypt at rest | | Comments | Variable (user content) | Scan before logging | | Webhook payloads | Medium (user objects in history) | Redact before queuing | ## PII Detection in ClickUp Data ```typescript interface PiiFindings { field: string; type: string; value: string; } const PII_PATTERNS = [ { type: 'email', regex: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g }, { type: 'phone', regex: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g }, { type: 'ssn', regex: /\b\d{3}-\d{2}-\d{4}\b/g }, ]; function scanClickUpTaskForPii(task: any): PiiFindings[] { const findings: PiiFindings[] = []; // Check description for (const pattern of PII_PATTERNS) { const matches = (task.description ?? '').matchAll(pattern.regex); for (const m of matches) { findings.push({ field: 'description', type: pat...