DCL Sentinel Trace — PII Redactor & Identity Exposure Detector
v1.0.2Instruction-only PII detector and redactor for AI outputs. Detects emails, phones, SSNs, bank cards, IBANs, crypto addresses, and IPs entirely within the age...
⭐ 0· 109·0 current·0 all-time
byDari Rinch@daririnch
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidencePurpose & Capability
The name and description describe a PII detection/redaction step. The skill is instruction-only and requires no binaries, installs, or credentials — which matches a purely local/text-processing checklist. There are no requests for unrelated cloud credentials or system access.
Instruction Scope
The SKILL.md confines activity to scanning pasted text and producing a redacted output schema; it explicitly states no network requests. However the detection rules are described at a high level (patterns and 'in context' judgements) and rely on the agent's judgment rather than a deterministic, auditable regex implementation. That makes false negatives/positives and inconsistent redaction behavior possible. The instructions do not ask the agent to read files or environment variables beyond the conversation text.
Install Mechanism
There is no install spec and no code files — lowest-risk instruction-only skill. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no environment variables, credentials, or config paths. This is proportionate to an instruction-only redaction checklist.
Persistence & Privilege
always:false and normal invocation settings. The skill does not request persistent presence or system configuration changes. Autonomous invocation is allowed by platform default but the skill itself does not ask for elevated privileges.
Assessment
This skill is internally consistent with its purpose and low-risk as an instruction-only checklist, but take these precautions before relying on it in production:
- Test thoroughly with representative inputs (various card formats, SSNs, international phone numbers, IBANs, crypto addresses) to evaluate false negatives and false positives.
- Prefer deterministic, auditable redaction (well-tested regexes or a small vetted library) if you require provable compliance; the skill relies on informal 'in context' judgment which can vary.
- Do not assume 'no data leaves the agent' guarantees anything about your runtime environment — verify that your agent platform or surrounding pipeline does not automatically log or forward conversation content.
- Note minor metadata inconsistencies: SKILL.md claims Version 2.0.0 while registry metadata lists 1.0.2, and the registry lists no homepage even though the SKILL.md links to fronesislabs.com. If provenance matters, ask the publisher for source code or an authoritative release page and confirm the publisher identity.
- If you need higher assurance (HIPAA/GDPR audits, regulated production use), prefer a skill with published code, test vectors, and deterministic redaction logic you can review or run locally.Like a lobster shell, security has layers — review code before you run it.
latestvk9726vfx1tnberz7634edbmp4h84r435
License
MIT-0
Free to use, modify, and redistribute. No attribution required.