Cultural Review Skill
This skill provides comprehensive guidance for reviewing code, features, and content for cultural sensitivity and Indigenous data sovereignty compliance.
OCAP Framework Reference
Ownership
Requirement: Storytellers maintain ownership of their narratives
Check for:
- • Story ownership tracked via
author_idandstoryteller_id - • Both author and storyteller have control rights
- • Ownership cannot be transferred without consent
- • Community collective ownership respected
Control
Requirement: Users decide who accesses their stories
Check for:
- • Privacy levels properly enforced (public/community/org/private)
- • Users can revoke access at any time
- • Distribution requires explicit consent
- • Bulk revocation available ("Pull All")
Access
Requirement: Tiered access based on cultural sensitivity
Check for:
- • Sensitivity levels correctly implemented
- • Elder approval workflow for high/sacred content
- • Community membership verification where required
- • Access audit trail maintained
Possession
Requirement: Data can be exported or deleted anytime
Check for:
- • Data export functionality (GDPR Article 20)
- • Full deletion/anonymization (GDPR Article 17)
- • No data lock-in or artificial barriers
- • Portable data format (JSON)
Sensitivity Level Guidelines
Standard
- •General stories, no restrictions
- •Can be embedded externally
- •Public sharing allowed
Medium
- •Some cultural context important
- •May require community membership
- •External sharing needs approval
High
- •Significant cultural value
- •Elder review before sharing
- •Limited distribution options
- •No unauthorized embedding
Sacred/Restricted
- •Protected traditional knowledge
- •Elder approval mandatory
- •NO external distribution ever
- •May have viewing time/place restrictions
Code Review Checklist
API Endpoints
code
□ Authentication required (unless public embed) □ Authorization checks ownership/permissions □ Sensitivity level verified before action □ Elder approval status checked for high/sacred □ Audit log created for significant actions □ Consent verified before distribution □ Revocation cascades properly
UI Components
code
□ Cultural indicators are respectful □ Sensitivity badges are clear □ Elder approval status prominent □ Consent status visible □ Privacy level clearly shown □ Revocation controls accessible □ Trauma-informed animations (gentle) □ Language is inclusive
Database Operations
code
□ Tenant isolation maintained □ Ownership fields populated □ Consent fields checked □ Audit trail created □ Soft delete preferred over hard delete □ Anonymization preserves audit trail
Red Flags
Immediate Action Required
- •External distribution of sacred content
- •Missing consent verification
- •Broken revocation cascade
- •Elder approval bypassed
- •Tenant isolation breached
Needs Improvement
- •Missing audit logging
- •Hard delete without anonymization
- •Unclear sensitivity indicators
- •Missing ownership checks
- •No bulk revocation option
Approval Workflow
Standard Content
- •Author creates story
- •Consent captured
- •Ready for distribution
Medium Sensitivity
- •Author creates story
- •Cultural context added
- •Consent captured
- •Community review (optional)
- •Ready for limited distribution
High Sensitivity
- •Author creates story
- •Cultural context added
- •Consent captured
- •Elder review requested
- •Elder approves/requests changes
- •Limited distribution (no embedding)
Sacred Content
- •Author creates story
- •Cultural context added
- •Consent captured
- •Elder review mandatory
- •Elder approval required
- •Platform-only access
- •Never distributed externally