Log Pii Redactor

Advisory

Audited by Static analysis on May 3, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Raw logs shared for analysis may expose customer, employee, health, payment, or other regulated personal data in the agent conversation.

Why it was flagged

The skill is intended to inspect user logs that may contain personal data; this is expected for the purpose but sensitive if raw production logs are provided to the agent.

Skill content

Audit my JSON app logs for PII ... Find the PII bleeding into your logs

Recommendation

Use minimized, sampled, or synthetic logs when possible; avoid pasting large raw production datasets; and prefer locally run scanners for highly regulated data.

What this means

If live tokens or keys are pasted into the agent, they should be treated as sensitive and potentially compromised.

Why it was flagged

The skill is designed to detect credentials and tokens inside logs. It does not ask to use those credentials, but users may expose live secrets while seeking redaction help.

Skill content

Secrets (not PII per se, but leak-equivalents) ... JWT ... AWS access key ... GitHub PAT ... Slack token ... Stripe key ... Generic bearer ... Private key

Recommendation

Mask or rotate any live credentials found in logs, and do not grant OAuth, wallet, purchase, or credential permissions unless a separate trusted workflow clearly requires them.

What this means

Incorrect generated rules could break logging, drop useful debugging data, or block builds if applied without review.

Why it was flagged

Generated scanner scripts and pipeline or CI configuration can affect deployments and observability behavior. This is user-directed and purpose-aligned, not automatic execution.

Skill content

The skill returns a regex pack, a per-field strategy table, integration config for the user's pipeline, a scanner script ... Write a pre-prod scanner that fails CI if PII is found

Recommendation

Review and test generated scripts/configuration in a non-production environment before enabling CI failures or changing production log pipelines.