← Back to Skills Marketplace

Expanso pii-detect

Name: Expanso pii-detect
Author: aronchick

by Expanso · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

919

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install expanso-pii-detect

Description

Detect personally identifiable information (PII) in text using Expanso Edge pipelines for CLI, MCP server, or cloud deployment.

README (SKILL.md)

pii-detect

Detect personally identifiable information (PII) in text

Requirements

Expanso Edge installed (expanso-edge binary in PATH)
Install via: clawhub install expanso-edge

Usage

CLI Pipeline

# Run standalone
echo '\x3Cinput>' | expanso-edge run pipeline-cli.yaml

MCP Pipeline

# Start as MCP server
expanso-edge run pipeline-mcp.yaml

Deploy to Expanso Cloud

expanso-cli job deploy https://skills.expanso.io/pii-detect/pipeline-cli.yaml

Files

File	Purpose
`skill.yaml`	Skill metadata (inputs, outputs, credentials)
`pipeline-cli.yaml`	Standalone CLI pipeline
`pipeline-mcp.yaml`	MCP server pipeline

Usage Guidance

This skill runs Expanso pipelines that put your input text into an OpenAI chat completion call. If you provide an OPENAI_API_KEY, the full text will be sent to OpenAI. The registry metadata failing to declare the OpenAI credential and the README's claim that a local 'regex' mode can be used are inconsistent with the included pipeline files (which always call openai_chat_completion). Before installing or running on sensitive data: (1) Decide whether you are willing to send inputs to OpenAI; if not, avoid supplying an API key and verify the pipelines actually perform local regex detection (they currently do not). (2) Run the skill in a safe/test environment with non-sensitive inputs to observe behavior. (3) Inspect or modify the pipeline YAML to add a true local fallback (regex processors) if you need on-device-only detection. (4) Confirm you trust the expanso-edge binary and the environment where it will run. If you need clarification, ask the author to correct the skill metadata and to provide a documented regex-only pipeline.

Capability Analysis

Type: OpenClaw Skill Name: expanso-pii-detect Version: 1.0.0 The skill is designed to detect PII using an OpenAI LLM. Both `pipeline-cli.yaml` and `pipeline-mcp.yaml` construct the LLM prompt by directly concatenating user-provided input (`content()` or `this.text`) without apparent sanitization or robust prompt engineering to prevent manipulation. This makes the LLM vulnerable to prompt injection, where a malicious user could potentially bypass the LLM's instructions, extract information, or cause it to generate unintended output. While the skill uses the `OPENAI_API_KEY` environment variable, this is for its stated purpose and not for unauthorized exfiltration.

Capability Assessment

ℹ Purpose & Capability

Name and files match a PII-detection purpose. Using an LLM (OpenAI) for detection is plausible. However the registry metadata claims no required env vars/credentials while README and pipeline files expect an OPENAI_API_KEY (even if marked 'optional') — that's an inconsistent declaration.

⚠ Instruction Scope

The pipelines place the entire input text into the LLM prompt (openai_chat_completion), which will transmit user-provided text to OpenAI when an API key is supplied. The README and skill.yaml claim a local 'regex' backend is available, but the provided pipeline definitions always call openai_chat_completion and do not implement a clear regex-only fallback — meaning 'local-only' behavior is not actually enforced by the included pipelines.

✓ Install Mechanism

Instruction-only skill that requires expanso-edge to be installed; no downloads or third-party install URLs are embedded in the skill bundle. This is low install risk.

⚠ Credentials

The skill uses OPENAI_API_KEY (sensitive) in pipeline files but the registry shows 'Required env vars: none' and 'Primary credential: none' — a mismatch. The only notable sensitive credential is the OpenAI key; no unrelated credentials are requested.

✓ Persistence & Privilege

The skill is user-invocable only, not always-enabled, and has no install script or self-persistence. It does not request system-wide config or other skills' credentials.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install expanso-pii-detect
After installation, invoke the skill by name or use /expanso-pii-detect
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial publish to ClawHub

Metadata

Slug expanso-pii-detect

Version 1.0.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Expanso pii-detect?

Detect personally identifiable information (PII) in text using Expanso Edge pipelines for CLI, MCP server, or cloud deployment. It is an AI Agent Skill for Claude Code / OpenClaw, with 919 downloads so far.

How do I install Expanso pii-detect?

Run "/install expanso-pii-detect" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Expanso pii-detect free?

Yes, Expanso pii-detect is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Expanso pii-detect support?

Expanso pii-detect is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Expanso pii-detect?

It is built and maintained by Expanso (@aronchick); the current version is v1.0.0.

More Skills