ClawHub

Privacy Shield

v1.0.1

Manages sensitive data access by marking resources with privacy levels and enforcing share, export, and usage restrictions based on a centralized registry.

0· 168·0 current·0 all-time
by@xiaobu2020

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for xiaobu2020/privacy-shield.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Privacy Shield" (xiaobu2020/privacy-shield) from ClawHub.
Skill page: https://clawhub.ai/xiaobu2020/privacy-shield
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install privacy-shield

ClawHub CLI

Package manager switcher

npx clawhub@latest install privacy-shield
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (privacy marking, enforcement, and audit) matches the included CLI script and SKILL.md instructions. No unrelated environment variables, binaries, or external services are required.
Instruction Scope
SKILL.md instructs agents to run the included script before any data-output operation; the script reads/writes local files (data/privacy-registry.json and data/privacy-audit.jsonl) under the WORKSPACE (or repo-root) — this is expected for the stated purpose but means the agent will access and modify workspace files and create audit logs.
Install Mechanism
No install spec or external downloads are present; the skill is instruction-only with a bundled Python script. No network installs or archive extraction are used.
Credentials
The skill does not require credentials or extra environment variables. It optionally respects WORKSPACE to locate registry/audit files, which is reasonable for a local file-based tool.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. It will read/write its own registry and audit files only; nothing in the code modifies other skills or system-wide settings.
Assessment
This skill appears to do what it says: a local privacy registry and CLI that checks and logs decisions. Before installing or invoking it, consider: (1) it will read/write data/privacy-registry.json and data/privacy-audit.jsonl in the agent workspace (or the directory implied by WORKSPACE) — review and set appropriate file permissions; (2) confirm you are comfortable allowing the agent to execute the included Python script (it runs locally and does not contact external endpoints); (3) review registry contents and audit logs for sensitive items before sharing them with other tools or people; (4) if you set WORKSPACE, ensure it points to the intended workspace so the registry/audit files land where you expect. No credentials or network calls were found in the code.

Like a lobster shell, security has layers — review code before you run it.

latestvk9730dc4v39f5jzj71qpf3jdd583801q
168downloads
0stars
2versions
Updated 1mo ago
v1.0.1
MIT-0
@xiaobu2020
latest
Download

Privacy Shield

Privacy data marking system — unified sensitive resource management with pre-operation checks and audit logging.

Design Principles

  • Conservative by default: Unmarked data should be handled with caution
  • Check before act: Verify privacy level before any data operation
  • Centralized control: One registry file governs all privacy rules

Privacy Levels

LevelMeaningExample
owner_onlyOwner can view/use onlyPhotos, personal info
privateNo external disclosure, internal use OKModel info, API keys
no_exportMust not leave the machineMemory files, ontology
publicFree to useNon-sensitive data

Quick Start

Mark a resource

# Mark a file or directory
python scripts/registry.py mark media/images/people/ --level owner_only --reason "Family photos"

# Mark a rule category
python scripts/registry.py mark --type rule "model_info" --level private --reason "Infrastructure"

Check permission

# Check if a resource can be shared
python scripts/registry.py check media/images/people/photo.jpg --action share

# Check privacy level only
python scripts/registry.py check media/images/people/photo.jpg

List all marks

python scripts/registry.py list
python scripts/registry.py list --level owner_only

Remove a mark

python scripts/registry.py unmark media/images/old-photo.jpg

View audit log

python scripts/registry.py audit
python scripts/registry.py audit --deny-only

Agent Integration

Before any data output operation:

  1. Check registrypython scripts/registry.py check <resource> --action <action>
  2. Evaluate result:
    • owner_only → Output only when owner requests
    • private → No external disclosure, internal processing OK
    • no_export → Never leave this machine
    • Unmarked → Default to caution, ask the owner

Registry File

Location: data/privacy-registry.json

{
  "version": "1.0.0",
  "rules": {
    "photos": {"level": "owner_only", "reason": "Family photos"},
    "model_info": {"level": "private", "reason": "Infrastructure"}
  },
  "resources": [
    {
      "path": "media/images/people/",
      "level": "owner_only",
      "reason": "Family photos",
      "marked_at": "2026-03-20T09:53:00+08:00"
    }
  ]
}

Features

  • ✅ Path prefix + glob pattern matching
  • ✅ Automatic audit logging (JSONL)
  • ✅ Integration with image-manager (--privacy flag)
  • ✅ CLI for mark/check/list/unmark/audit

Comments

Loading comments...