ClawHub

Document Sanitizer / 文档脱敏及恢复

v1.2.1

Batch desensitize docx/xlsx files via keyword and regex rules, with one-click reversible restoration. 批量对 docx/xlsx 文件执行关键字和正则脱敏替换,支持一键反向恢复。

0· 69·0 current·0 all-time
byjuanfenglong@longjf25
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, SKILL.md workflows, and the included scripts/sanitize.py are consistent: the tool scans a workspace for .docx/.xlsx files, applies keyword/regex replacements, writes sanitized copies, and records mappings for reversible restore. No unrelated binaries, env vars, or external services are requested.
Instruction Scope
Instructions explicitly tell the agent to scan the workspace and operate on files (copying outputs to _sanitized_output/ and writing _sanitize_record_YYYY.json). This behavior is expected, but the mapping records contain original sensitive values; SKILL.md does not advise protecting or encrypting those record files, which is an important operational security note.
Install Mechanism
No install spec is provided (instruction-only skill + included script). Dependencies are limited to python-docx and openpyxl, which are appropriate for docx/xlsx processing. No downloads from arbitrary URLs or packaged installs are present.
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, it creates local mapping/record files that store original sensitive content; requiring protection of those files (access controls, encrypted storage, or secure deletion) is necessary but not documented in SKILL.md.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does write files within the workspace (outputs, logs, and mapping records), which is consistent with its purpose and does not modify other skills or global agent settings.
Assessment
This skill appears to do what it claims: scan a workspace, sanitize .docx/.xlsx files according to a JSON config, and produce reversible results. Before using it: - Review and edit _sanitize_config.json carefully so you only replace intended patterns. - Back up the workspace (or run the tool on a copy) before mass modifications. - Treat any _sanitize_record_YYYYMMDD_HHMMSS.json as highly sensitive: it contains original values required for restoration. Store it securely (restrict filesystem permissions, consider encryption) and securely delete it when no longer needed. - Check the Python runtime version: the script uses regex timeout when available (Python 3.11+), and falls back safely otherwise. - Test on a small subset first to verify replacements, filename-renaming behavior, and that logs do not leak sensitive data you didn't intend to keep. If you want stronger assurances, ask the author to add (in SKILL.md) explicit warnings about protecting mapping files, an option to encrypt mapping records, and a dry-run mode that reports matches without writing changes.

Like a lobster shell, security has layers — review code before you run it.

latestvk979z0x2kdrx2kk4m5khpwe2mh83vgnjlatest utility document securityvk979z0x2kdrx2kk4m5khpwe2mh83vgnj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments