Downloads: 157
Stars: 1
Active Installs: 0
Versions: 6
Install in OpenClaw
/install sensitive-content-scanner
Description
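A professional sensitive-content scanner supporting PII detection (national ID numbers, mobile phone numbers, bank card numbers, email addresses, IP addresses), sensitive-keyword detection, confidence scoring, and multi-format report generation. Suited to document review, security audits, content compliance checks, privacy protection, and similar scenarios.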
Usage Guidance
This skill appears to implement what it claims (PII and keyword scanning with local report generation), but take these precautions before installing or running it:
- Inspect the full scripts: review the remainder of scripts/scan_sensitive.py to confirm there are no network calls (requests, urllib, sockets) or unexpected subprocess calls that could exfiltrate data. The preview is truncated — full-file review is needed to verify the 'no upload' claim.
- Run in a sandbox: until you confirm no network activity, run the scanner on non-sensitive test files inside an isolated environment (air-gapped VM or container).
- Confirm dependencies: the script uses third-party Python packages (Crypto/pycryptodome, and likely python-docx/openpyxl etc.). Determine required packages and versions before installing; prefer installing from known package mirrors and pin versions.
- Validate encrypted-dictionary behavior: the script derives a fixed password from embedded code to decrypt .enc dictionaries. Understand this mechanism and ensure encrypted dicts come from trusted sources; otherwise malicious dictionaries could be loaded.
- Check report output and storage: reports are written to report.html in the working directory; verify where it will be saved and ensure it doesn't expose sensitive content to other users or services.
- If you need high assurance, ask the publisher for: dependency list, full source file(s), and an explicit statement that no telemetry or network I/O is performed; if publisher cannot provide these, treat the package as untrusted.
Capability Analysis
Type: OpenClaw Skill
Name: sensitive-content-scanner
Version: 3.2.0
The skill is a functional utility designed to scan documents for PII (Personally Identifiable Information) and sensitive keywords. The core logic in `scripts/scan_sensitive.py` uses regex and weighted dictionaries to identify sensitive data in various file formats (Office docs and plain text) and generates local reports in HTML, Markdown, or JSON. While the script includes a mechanism to load encrypted dictionaries using a hardcoded password derivation seed (a weak cryptographic practice), there is no evidence of malicious intent, data exfiltration, or unauthorized command execution. The behavior is fully aligned with the stated purpose in `SKILL.md`.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md and included files (pii_patterns.md, hashed sensitive words, scan_sensitive.py) are coherent: the code implements PII and keyword scanning, reporting, and supports CSV/JSON/encrypted dictionaries as described.
Instruction Scope
SKILL.md instructs users to attach documents and asserts scans run locally without uploading. The visible code implements local pattern checks, hashing and encrypted-dictionary loading, and report file generation (report.html). However the provided script is truncated in the package preview — there is no explicit network call shown in the excerpt, but the privacy claim cannot be fully verified without reviewing the entire script for any network I/O or telemetry. Also SKILL.md permits scanning filenames and file contents (expected) but gives broad instructions that could be misused to scan arbitrary files if an agent had file-system access.
Install Mechanism
No install spec or declared dependencies are provided, yet the script imports third-party modules (e.g., Crypto from pycryptodome, and likely libraries for docx/xlsx parsing). That mismatch is a practical and security concern: an operator may need to pip-install packages (network activity) or the script may fail in constrained environments. Lack of declared dependency/version information makes it harder to audit and increases the chance of unexpected behavior.
Credentials
The skill does not request environment variables, credentials, or config paths. The only notable thing is an internally derived deterministic password used to decrypt packaged encrypted dictionaries; this is self-contained and does not require external secrets.
Persistence & Privilege
Skill flags show no forced persistence (always:false) and there is no evidence it modifies other skills or system-wide settings. It generates a local report file (report.html), which is normal for this functionality.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
  /install sensitive-content-scanner
- After installation, invoke the skill by name or use
  /sensitive-content-scanner
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.2.0
- Added compiled Python cache file: scripts/__pycache__/scan_sensitive.cpython-314.pyc
- Fixed content parsing failures for Word, Excel, and PowerPoint files
v3.1.2
- Version updated to 3.1.2; no file changes detected.
- Documentation reflects new version number and date.
- No functional or content changes.
v3.1.1
- Updated version number to 3.1.1
- Update date changed to 2026-04-21
- Added support for data dictionaries
v3.1.0
- Removed documentation and resource files, including guides, dictionary, templates, and changelog files.
- Updated SKILL.md to describe more detailed HTML report features, including visual dashboards, responsive design, confidence levels, and improved output format options.
- Clarified that scan results now default to an HTML report, viewable directly in a browser.
- Updated FAQ and instructions to reflect new output formats (`html`, `markdown`, `json`).
- Internal guides and extended documentation are no longer included in the package.
v3.0.0
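v3.0.0: Major usability upgrade
- Fully reworked into a "zero-barrier, three-step workflow" that requires no technical background to operate
- Supports three scan modes: built-in rules, specified keywords, and custom data dictionaries (CSV)
- Added a concise user guide and a data dictionary template to improve ease of use
- Fully updated the documentation structure, highlighting the foolproof workflow and the FAQ
- Supports mainstream document formats (docx/txt/md/xlsx/pdf) and clearly indicates what is supported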
v2.0.0
sensitive-content-scanner v2.0.0
- Added confidence scoring (high/medium/low), with visual icons and grouped statistics in reports
- Introduced advanced validation: ID checksum, bank card Luhn check, and IP range validation
- Chinese name detection is now disabled by default to reduce false positives; it uses a whitelist if enabled
- Improved report readability and consistency; results are now summarized by score level
- Greatly reduced false positive rate, especially for technical documents
Frequently Asked Questions
What is 敏感内容扫描器?
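A professional sensitive-content scanner supporting PII detection (national ID numbers, mobile phone numbers, bank card numbers, email addresses, IP addresses), sensitive-keyword detection, confidence scoring, and multi-format report generation. Suited to document review, security audits, content compliance checks, privacy protection, and similar scenarios. It is an AI Agent Skill for Claude Code / OpenClaw, with 157 downloads so far.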
How do I install 敏感内容扫描器?
Run "/install sensitive-content-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 敏感内容扫描器 free?
Yes, 敏感内容扫描器 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 敏感内容扫描器 support?
敏感内容扫描器 is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created 敏感内容扫描器?
It is built and maintained by qing (@qinkai25); the current version is v3.2.0.