← Back to Skills Marketplace
jgolebiowski

Distil Open Claw Pii

by Jacek Golebiowski · GitHub ↗ · v1.1.1 · MIT-0
cross-platform ⚠ suspicious
82
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install distil-open-claw-pii
Description
Redact PII from text locally using a fine-tuned 1B SLM. Text never leaves your machine. Handles names, emails, phones, addresses, SSNs, credit cards, IBANs,...
README (SKILL.md)

PII Redaction Skill

When to use

Use this skill when the user asks to redact, anonymize, sanitize, or remove PII / personal data from text.

Privacy guarantee

CRITICAL: NEVER include the user's raw input text in your own responses, context, or reasoning. The entire point of this skill is that the frontier LLM (you) never sees the PII. You pass the text directly to the redaction script and only return the redacted output.

Prerequisites

  • Python 3
  • curl (for model download)

The setup script handles everything else (model download + server startup).

First-time setup

If the model server is not running yet, run:

bash scripts/setup.sh

This downloads the GGUF model (~5 GB) and starts the local inference server on port 8712.

How to redact

Pass the user's text directly to the redaction script. Do not echo or repeat the raw text yourself.

python scripts/redact.py "text to redact"

For longer text, pipe it via stdin:

echo "text to redact" | python scripts/redact.py

Return the output to the user as-is.

--show-entities flag (use sparingly)

Adding --show-entities outputs the full JSON including the original PII values. Only use this when the user explicitly asks to see which entities were detected or needs the mapping for a downstream task. In normal redaction workflows, omit this flag -- displaying the raw entity values defeats the purpose of PII redaction.

python scripts/redact.py --show-entities "text to redact"

How to stop the server

bash scripts/stop.sh

Output format

By default the script prints only the redacted text -- PII tokens replace the sensitive data and the original values are never shown:

Hi, my name is [PERSON] and I need help with my recent order #ORD-29481.

You can reach me at [EMAIL] or call me at [PHONE]. I'm a [AGE_YEARS:34]-year-old [MARITAL_STATUS] woman living at [ADDRESS]...

With --show-entities, the script returns full JSON including original PII values (see flag note above for when this is appropriate).

See examples/ for full input/output samples.

Usage Guidance
Key things to consider before installing: - The metadata claims no required binaries, but the scripts require llama-server (llama.cpp), curl, and Python. Verify you have (or want) those installed. - The model is downloaded from Hugging Face (official domain) into $HOME/.distil-pii; expect ~5 GB disk usage and network download. - Important privacy nuance: the local model is instructed to include original PII values in the 'entities' array. The script prints only the redacted_text by default, but the original values are present inside the model response and will be printed if you use --show-entities (or if a bug/logging step captures the full response). If you need a stronger guarantee that original values are never returned, modify the system prompt/code so the model never includes raw values (e.g., store hashed/masked values or omit the 'value' field entirely). - Confirm llama-server actually binds to localhost (not 0.0.0.0) and that your firewall blocks external access to port 8712 to avoid local network exposure. - Run the setup in an isolated environment (VM/container) if you handle high-risk PII until you verify behavior; inspect server logs and verify no unexpected outbound connections. - If you plan to share this skill in production, ask the publisher to: (1) update registry metadata to list required binaries, (2) document the privacy tradeoffs of the 'entities.value' field, and (3) provide checksums for the model download so you can verify integrity.
Capability Analysis
Type: OpenClaw Skill Name: distil-open-claw-pii Version: 1.1.1 The skill provides local PII redaction by downloading a fine-tuned 1B parameter model from HuggingFace and running it via a local llama.cpp server (port 8712). The implementation in scripts/redact.py and scripts/setup.sh is transparent, uses standard libraries, and strictly follows the stated privacy goal of ensuring sensitive data never leaves the user's machine. The instructions in SKILL.md are designed to prevent the primary AI agent from seeing or leaking raw PII, which serves as a security best practice rather than a malicious injection.
Capability Tags
cryptocan-make-purchases
Capability Assessment
Purpose & Capability
The skill claims local-only redaction and no required binaries, but the provided scripts require a local 'llama-server' (llama.cpp) binary, curl, and Python. The registry metadata lists no required binaries even though setup.sh explicitly checks for llama-server and downloads a model—this mismatch is incoherent and should be corrected/confirmed.
Instruction Scope
SKILL.md instructs the agent to 'NEVER include the user's raw input' and to return only redacted text by default. However, scripts/redact.py's system prompt and output schema explicitly require the entities array to include the original value field (the original PII). The script only prints the redacted text by default, but the model response will contain the original values (and --show-entities prints them). That contradiction increases risk of accidental exposure (logging, debugging, or misuse of --show-entities). The script only talks to localhost, not external endpoints.
Install Mechanism
There is no package install spec; setup.sh downloads a ~5 GB GGUF model from huggingface.co (a known host) and starts a local llama-server. Downloading from Hugging Face is expected for local models; the install does not use obscure URLs or extract untrusted archives. It does start a background server and writes to $HOME/.distil-pii.
Credentials
The skill requests no environment variables or external credentials, which is appropriate for a local redactor. It does create files under $HOME/.distil-pii (model and PID) which is proportionate for this purpose.
Persistence & Privilege
The skill runs a persistent local server (llama-server) and stores the model and a PID file under $HOME/.distil-pii. always:false (good). Running a local HTTP server on port 8712 is expected, but you should confirm the server binds only to localhost and verify the process is trusted.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install distil-open-claw-pii
  3. After installation, invoke the skill by name or use /distil-open-claw-pii
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
Update docs to discourage --show-entities in normal workflows
v1.1.0
Default to redacted-text-only output, add --show-entities flag for full JSON
v1.0.1
Add ClawHub install instructions to README
v1.0.0
Initial release of PII redaction skill. - Redacts personal information (names, emails, phones, addresses, SSNs, credit cards, IBANs, and more) from text using a fine-tuned local model. - Operates entirely on your machine—text is never sent externally. - Returns structured JSON with redacted text and detected entities. - Includes setup, usage, and server management instructions.
Metadata
Slug distil-open-claw-pii
Version 1.1.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is Distil Open Claw Pii?

Redact PII from text locally using a fine-tuned 1B SLM. Text never leaves your machine. Handles names, emails, phones, addresses, SSNs, credit cards, IBANs,... It is an AI Agent Skill for Claude Code / OpenClaw, with 82 downloads so far.

How do I install Distil Open Claw Pii?

Run "/install distil-open-claw-pii" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Distil Open Claw Pii free?

Yes, Distil Open Claw Pii is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Distil Open Claw Pii support?

Distil Open Claw Pii is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Distil Open Claw Pii?

It is built and maintained by Jacek Golebiowski (@jgolebiowski); the current version is v1.1.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments