← Back to Skills Marketplace
110
Downloads
1
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install vibe-sanitizer
Description
Use this skill when an agent needs to scan a Git repository for secrets, credentials, or machine-specific file paths, then sanitize safe findings in place or...
Usage Guidance
This package appears to be what it claims: a local Python-based repo scanner/sanitizer that runs git commands and can rewrite files. Before running: (1) verify you trust the bundled source (it's executed directly); (2) ensure python3 and git are available — the registry metadata omits those requirements; (3) back up or use a non-destructive workflow (export mode) before using in-place sanitization; (4) confirm the export destination is outside the repo as the tool enforces; (5) if you need stricter guarantees, inspect the included files yourself for unexpected behavior or run in a sandboxed environment.
Capability Analysis
Type: OpenClaw Skill
Name: vibe-sanitizer
Version: 1.1.0
The vibe-sanitizer skill is a legitimate utility designed to scan and redact secrets, credentials, and machine-specific paths from Git repositories. The implementation in src/vibe_sanitizer uses standard library components and safe subprocess calls to Git without shell execution. The SKILL.md instructions include explicit guardrails preventing the agent from outputting raw secrets, and the code lacks any network connectivity or data exfiltration logic. The configuration parsing uses ast.literal_eval for safety, and the export functionality includes checks to prevent writing into the source repository.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description align with included Python scanner/sanitizer source. The code implements scanning, previewing, in-place edits, and export functionality as documented. However, the registry metadata claims 'required binaries: none' and 'instruction-only', while SKILL.md and the code expect python3 (to run the bundled module) and use git subprocesses; that metadata omission is an inconsistency.
Instruction Scope
SKILL.md instructs the agent to run the bundled CLI from ./src against a repo root and to prefer narrow scopes, not to print raw secrets, and not to export into the source repo. The code follows those constraints: scanning, masking/previews, optional in-place rewriting only for findings marked editable, and export validation that enforces output outside the source repo. There are no instructions to read unrelated system files or to transmit data externally.
Install Mechanism
There is no network install spec — the Python source is bundled and executed directly. This is lower-risk than fetching remote archives. Running the skill will execute local Python code (the bundled package) and spawn git subprocesses; that is expected for this tool.
Credentials
The skill declares no required environment variables or credentials and the code does not attempt to read secrets from the environment. The only environment access is checking NO_COLOR to decide color output and Path.home() for path detectors — both are proportional to the tool's purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated privileges. It does write to repository files when run with sanitize --mode in-place and creates an export directory when asked; those behaviors are expected and documented. It does not modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install vibe-sanitizer - After installation, invoke the skill by name or use
/vibe-sanitizer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
v1.1.0 updates the documentation for improved clarity and usability.
- Reorganized usage instructions into easy-to-read tables.
- Clarified when to use each CLI command and scan scope.
- Added concise guides for typical workflows and setup steps.
- Refined guardrails and response style best practices.
- No changes to bundled code or features; documentation only.
v1.0.0
Initial release of vibe-sanitizer skill.
- Enables agents to scan Git repositories for secrets, credentials, and machine-specific paths.
- Provides options to sanitize findings in place or export a sanitized copy using the bundled Python CLI.
- Detects common secret patterns (API keys, tokens, credentials, private keys, sensitive file paths, etc.).
- Includes documented workflows for scanning, sanitizing, and exporting repositories.
- Adds guardrails to prevent exposing secrets or unsafe automated rewriting.
- Supports `scan`, `sanitize`, `export`, and `init-config` CLI commands.
Metadata
Frequently Asked Questions
What is Vibe Sanitizer - Check and Sanitize git repository for secrets?
Use this skill when an agent needs to scan a Git repository for secrets, credentials, or machine-specific file paths, then sanitize safe findings in place or... It is an AI Agent Skill for Claude Code / OpenClaw, with 110 downloads so far.
How do I install Vibe Sanitizer - Check and Sanitize git repository for secrets?
Run "/install vibe-sanitizer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Vibe Sanitizer - Check and Sanitize git repository for secrets free?
Yes, Vibe Sanitizer - Check and Sanitize git repository for secrets is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Vibe Sanitizer - Check and Sanitize git repository for secrets support?
Vibe Sanitizer - Check and Sanitize git repository for secrets is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Vibe Sanitizer - Check and Sanitize git repository for secrets?
It is built and maintained by Maco (@macoloye); the current version is v1.1.0.
More Skills