ClawHub

Privacy Protector

v0.1.0

Runs PII anonymization, local de-anonymization, and deterministic local detector checks for text and supported files. Use for redact/restore flows, file-firs...

0· 182·1 current·1 all-time
by@modeioai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the implementation: Python scripts and a reusable package implement anonymize, deanonymize, and local detection. Required binary is only python3 and there are no unrelated credentials or unexpected binaries requested.
Instruction Scope
SKILL.md and CLI scripts are scoped to anonymize/deanonymize/detect workflows and instruct running commands inside the repo. The README and SKILL.md explicitly state that only `lite` is fully local; other levels call a backend API. The instructions do not ask the agent to read system files outside the repo, but runtime will read/write local map files (default ~/.modeio/redact/maps).
Install Mechanism
No install spec is provided (instruction-only install); the repository includes Python code but nothing in the manifest downloads or executes remote installers. Runtime depends on optional Python packages (requests, python-docx, PyMuPDF) which the user must install themselves.
Credentials
The skill does not require secrets or credentials. However, non-`lite` anonymization levels will POST content to an external API by default (URL hardcoded as https://safety-cf.modeio.ai/api/cf/anonymize) and an environment variable (ANONYMIZE_API_URL) can override that endpoint. Maps containing original PII are written to a default local directory (~/ .modeio/redact/maps) unless overridden. Both behaviors are justified by the skill's purpose but increase data-exfiltration risk if you don't trust the backend or if ANONYMIZE_API_URL is set to an attacker-controlled host.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It persists local map files and sidecar files in a user-writable directory, which is expected behavior for restore/redact workflows.
Assessment
This skill appears to do what it says: local `lite` mode runs offline, and other modes send text to a remote anonymization API. If you must keep data strictly local, use `--level lite` only. Before using `dynamic`/`strict`/`crossborder`, confirm you trust the default backend (https://safety-cf.modeio.ai) or explicitly set ANONYMIZE_API_URL to a trusted endpoint. Be aware that the tool writes map files (which include original values) to ~/.modeio/redact/maps by default — secure or relocate that directory if it will contain sensitive data. If you need higher assurance, review the remote API provider code (modeio_redact/providers/remote_api_provider.py) and test on non-sensitive examples first.

Like a lobster shell, security has layers — review code before you run it.

latestvk971z8aay614wqvfsd99bv3csn82qmtb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3

Comments