
OpenClaw Security PII Audit

by mtoby8326 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
181 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install openclaw-security-pii-audit
Description
Multi-region async PII detection for OpenClaw sessions. Scans user input, prompts, context, and knowledge base content for sensitive personal data across CN,...
Usage Guidance
This skill appears to do what it says: local PII scanning with per-source sampling, masked previews, and NDJSON audit files. Before installing, consider:
  1. Where the audit directory will be (set OPENCLAW_AUDIT_DIR if you need a specific location and ensure write permissions).
  2. Audit files and the cache contain hashes and masked previews; treat the audit directory as sensitive and apply your retention/policy controls.
  3. The skill relies on callers to choose which content to scan; avoid feeding it secrets you do not want written even in masked form.
  4. Review retention/cleanup configuration (default 7 days) to ensure it meets your compliance needs.
No network exfiltration, secret-env requests, or surprising install steps were found in the bundle.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-security-pii-audit
Version: 1.0.0
The openclaw-security skill bundle is a comprehensive PII auditing tool designed for local session monitoring. It implements multi-region detection for various sensitive data types (IDs, bank cards, phones, etc.) using regex and algorithmic validation (Luhn, checksums). Security features include local-only NDJSON logging, data masking, file locking for concurrency, and a secure temp-file workflow to avoid exposing PII in process metadata. The code is well-documented, includes extensive unit tests (test_all.py), and lacks any indicators of data exfiltration or malicious intent.
Capability Assessment
Purpose & Capability
Name/description (PII audit across multiple regions) matches the included detectors, sampling/cache logic, NDJSON logging, and cleanup scripts. The detectors implement PHONE/EMAIL/PERSON_NAME/ADDRESS/PASSPORT/BANK_CARD/NATIONAL_ID/SOCIAL_ACCOUNT as advertised; regional rules and checksums in references/patterns.md align with detector code.
Instruction Scope
SKILL.md instructs the agent to submit content (input/prompt/context/knowledge_base) to the audit_worker, prefer file-based background scans, and never block the main response. That scope is consistent with a PII-audit skill, but it inherently requires the caller to decide what conversation/context/KB content to feed the script. If the agent or caller supplies content from other skills, those other skills' data may be scanned and written to local audit logs (masked and hashed). The README and code explicitly warn about not passing PII on the command line and recommend using --file + --delete-after-read.
Install Mechanism
This is instruction + bundled Python scripts (no install spec). The code is pure Python stdlib (no external download or packages) and writes only to a local audit directory. No installers, remote downloads, or extracted archives are present.
Credentials
The skill does not require credentials or environment variables. It optionally respects OPENCLAW_AUDIT_DIR to override output location (documented). There are no requests for unrelated secrets or access to other services.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill writes local NDJSON logs and a local scan cache (.scan-cache.json) within its audit directory; this is appropriate for a local audit tool. It does not modify other skills' configs or request system-wide privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-security-pii-audit
  3. After installation, invoke the skill by name or use /openclaw-security-pii-audit
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Multi-region async PII detection engine. 8 PII categories, 10 regions, smart sampling, zero dependencies.
Metadata
Slug openclaw-security-pii-audit
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is OpenClaw Security PII Audit?

Multi-region async PII detection for OpenClaw sessions. Scans user input, prompts, context, and knowledge base content for sensitive personal data across CN,... It is an AI Agent Skill for Claude Code / OpenClaw, with 181 downloads so far.

How do I install OpenClaw Security PII Audit?

Run "/install openclaw-security-pii-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Security PII Audit free?

Yes, OpenClaw Security PII Audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Security PII Audit support?

OpenClaw Security PII Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created OpenClaw Security PII Audit?

It is built and maintained by mtoby8326 (@mtoby8326); the current version is v1.0.0.
