file-deletion

Secure file deletion and data sanitization methods.

What file-deletion Does

File-deletion is a security-focused skill that provides methods for permanently removing files and sensitive data from storage systems. Unlike standard file deletion operations that simply mark files as deleted (leaving data recoverable), this skill implements secure data sanitization techniques that overwrite file contents multiple times before removal, making recovery virtually impossible. This is essential for organizations handling confidential information, compliance-regulated data, or anyone concerned about data privacy.

How to Install

  1. Clone or download the skill from the GitHub repository
  2. Navigate to the computer-forensics-skills/skills/file-deletion directory
  3. Review the skill’s documentation and dependencies (typically requires Python 3.7+)
  4. Install any required packages using pip install -r requirements.txt
  5. Integrate the skill into your Claude workflow by importing the deletion modules
  6. Test with non-critical files first to verify proper functionality
  7. Configure sanitization parameters based on your security requirements (number of overwrite passes, algorithm selection)

Use Cases

  • GDPR/HIPAA Compliance: Permanently delete personally identifiable information (PII) and health records to meet regulatory data retention requirements
  • Corporate Data Destruction: Securely remove sensitive business documents, financial records, and proprietary information before device decommissioning
  • Personal Privacy: Eliminate browsing history, cached files, and temporary data that could reveal user behavior or preferences
  • Incident Response: Rapidly sanitize compromised systems after security breaches to prevent leaked data recovery
  • Cloud Storage Cleanup: Securely delete development test data, API credentials, and staging environment files from shared storage systems

How It Works

The file-deletion skill operates by implementing multi-pass overwrite algorithms that replace file data with random or predetermined patterns before physical deletion. When a file is marked for deletion, instead of simply removing the file system pointer, the skill performs sequential write operations across the entire file’s data blocks. Each pass overwrites the space with different patterns (commonly random data or standardized patterns like zeros or ones), making it exponentially harder to recover original content through forensic analysis.

The skill supports various deletion standards including NIST guidelines (which recommend 1 pass), DoD 5220.22-M (which uses 7 passes with specific patterns), and Gutmann method (35 passes for older magnetic media). Modern implementations often default to 3-5 passes as a balance between security and performance, since modern storage devices make recovery increasingly difficult regardless of pass count. The skill also handles file metadata sanitization, clearing file names, timestamps, and other attributes that could reveal sensitive information about deleted content.
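
The overwrite-then-unlink sequence described above, as an added Python example (not the skill's own code). The function names `overwrite_passes` and `secure_delete` and the default zeros/ones/random pattern list are assumptions made for illustration, and the code assumes a filesystem that rewrites blocks in place, which copy-on-write filesystems and flash wear-leveling do not guarantee.

```python
import os
import secrets
import stat

CHUNK = 1024 * 1024  # write in 1 MiB blocks to bound memory use

def overwrite_passes(path, patterns):
    """Overwrite a regular file in place, one full pass per pattern.

    Each pattern is a byte value (int), or None for random data.
    Returns the file size, i.e. the bytes written per pass.
    """
    st = os.lstat(path)  # lstat: inspect the path itself, not a symlink target
    if not stat.S_ISREG(st.st_mode):
        raise ValueError(f"{path}: not a regular file")
    if st.st_nlink > 1:
        # Other names share this data; refuse rather than destroy it for them.
        raise ValueError(f"{path}: file has additional hard links")
    flags = os.O_WRONLY | getattr(os, "O_NOFOLLOW", 0) | getattr(os, "O_BINARY", 0)
    fd = os.open(path, flags)
    try:
        for pattern in patterns:
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = st.st_size
            while remaining > 0:
                n = min(CHUNK, remaining)
                block = secrets.token_bytes(n) if pattern is None else bytes([pattern]) * n
                remaining -= os.write(fd, block)  # tolerate short writes
            os.fsync(fd)  # push this pass to the device before the next one
    finally:
        os.close(fd)
    return st.st_size

def secure_delete(path, patterns=(0x00, 0xFF, None)):
    """Overwrite, then scrub name, length and timestamps before unlinking.

    The default zeros/ones/random sequence is a constructed illustration,
    not the exact pass list of any named standard.
    """
    size = overwrite_passes(path, patterns)
    directory = os.path.dirname(os.path.abspath(path))
    anon = os.path.join(directory, secrets.token_hex(8))
    os.rename(path, anon)   # best effort: replace the name in the directory entry
    os.truncate(anon, 0)    # hide the original length
    os.utime(anon, (0, 0))  # reset access and modification times to the epoch
    os.unlink(anon)
    return size
```

Symbolic links and files with extra hard links are rejected with `ValueError` instead of being overwritten, so a batch run cannot be steered onto a file outside the intended set.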

Pros and Cons

Pros:

  • Meets regulatory compliance requirements (GDPR, HIPAA, SOX)
  • Multiple sanitization standards available for different security needs
  • Makes forensic data recovery virtually impossible
  • Automatable for batch operations and scheduled cleanup
  • Works across different file systems and storage types
  • Provides audit trails for compliance documentation

Cons:

  • Significant performance impact, especially with high pass counts or large files
  • Less effective on SSDs due to wear-leveling (though Secure Erase helps)
  • No recovery possible after execution—requires careful file verification beforehand
  • Cloud storage implementation depends on provider policies and may not guarantee compliance
  • Physical destruction remains the only absolute guarantee for highly classified data
  • Can wear out storage devices faster if used excessively due to repeated writes

Related Skills

  • disk-encryption: Encrypt files before deletion to add an extra security layer
  • access-control: Restrict file access permissions to prevent unauthorized deletion
  • audit-logging: Track who deleted what and when for compliance documentation
  • data-backup: Create secure backups before running deletion operations
  • forensic-analysis: Analyze files before deletion to ensure proper identification

Alternatives

  • Built-in OS tools: Windows Cipher /W, macOS Secure Empty Trash, Linux shred command (though less effective)
  • Third-party software: BleachBit, Eraser, CCleaner’s deletion features (offer GUI interfaces but less enterprise control)
  • Hardware-based solutions: Full disk encryption with key destruction, or physical device destruction for maximum security

Glossary

Key terms

Data Sanitization
The process of securely removing data from storage devices by overwriting it multiple times, making recovery through forensic analysis impractical or impossible.

Overwrite Pass
A single complete cycle where an algorithm writes predetermined patterns across all data blocks of a file. Multiple passes with different patterns provide stronger security against forensic recovery.

DoD 5220.22-M
A data sanitization standard from the U.S. Department of Defense requiring 7 overwrite passes with specific patterns (zeros, ones, and random data) for classified information removal.

Wear-Leveling
An SSD optimization technique that distributes data writes across memory cells to prevent premature degradation. This process can interfere with multi-pass overwrite deletion effectiveness.

FAQ

Frequently Asked Questions

How is secure file deletion different from regular deletion?

Regular deletion removes the file system reference but leaves data intact on disk, allowing recovery with forensic tools. Secure deletion overwrites the actual data multiple times with random or specific patterns before removal, making recovery physically impossible. This skill implements the secure approach using industry-standard sanitization algorithms.

How long does the secure deletion process take?

Duration depends on file size and the number of overwrite passes selected. A 1GB file with 3-pass overwrite typically takes 30-60 seconds on modern drives. Higher pass counts (7+ passes) can take several minutes per gigabyte. SSD deletion may be faster but offers fewer security guarantees due to wear-leveling and TRIM operations.

What deletion standard should I use for compliance?

GDPR requires data to be 'irretrievably lost' without specifying method; 3-5 pass overwrite typically satisfies this. HIPAA doesn't mandate specific standards but accepts NIST or DoD guidelines. For financial data, DoD 5220.22-M (7 passes) is commonly used. For highly classified material, the Gutmann method provides maximum security but with performance cost.

Can deleted files be recovered after this skill runs?

After proper execution with multiple overwrite passes, recovery is extremely unlikely. However, certain sophisticated forensic techniques (like analyzing magnetic field variations on older mechanical drives) have theoretical recovery potential. For maximum security, physical destruction of the storage device remains the only guarantee.

Does this work on SSDs and cloud storage?

Traditional multi-pass overwriting is less effective on SSDs due to wear-leveling and TRIM operations that move data between blocks. Some SSDs support Secure Erase commands for better sanitization. Cloud storage deletion depends on provider policies; most major cloud providers implement their own sanitization when you delete files.

Can I recover files after running this skill?

No. Once the overwrite process completes and the file is deleted, recovery is not possible through conventional means. Ensure you absolutely want to delete files before executing this skill. Consider backing up important data beforehand.

How many overwrite passes do I actually need?

Recommendations vary by organization: NIST recommends just 1 pass for modern drives, while DoD requires 7. For most use cases, 3-5 passes provide strong security without excessive performance cost. Higher pass counts add minimal practical security benefit on modern storage but significantly increase processing time.

Can this skill handle batch deletion of multiple files?

Yes. The skill supports batch operations for deleting multiple files in sequence, applying the same sanitization parameters to each. This is useful for purging entire directories or automated cleanup workflows, though total time increases proportionally with total data volume.
