← 返回 Skills 市场
zack-dev-cm

Artifact Redactor

作者 Zakhar Pashkin · GitHub ↗ · v1.0.6 · MIT-0
cross-platform ✓ 安全检测通过
151
总下载
0
收藏
1
当前安装
7
版本数
在 OpenClaw 中安装
/install artifact-redactor
功能描述
Public OpenClaw skill for redacting private paths, secret-like strings, private URLs, and common PII from Markdown, JSON, logs, and other text artifacts befo...
使用说明 (SKILL.md)

Artifact Redactor

Goal

Take a directory or file full of text artifacts and produce a safer share bundle:

  • one scan of obvious sensitive text patterns
  • one redacted output directory for supported text files
  • one structural check of the redacted output plus a manual-review decision for skipped files
  • one markdown report that explains what was found, what was redacted, and what still needs manual review

This skill is for text artifacts such as Markdown, JSON, logs, YAML, CSV, shell output, and similar files. It does not claim to sanitize screenshots, PDFs, or other binary files. It requires Python 3.9+.

Use This Skill When

  • a bug bundle, browser trace, experiment report, or release note needs to be shared outside the immediate team
  • logs or manifests contain private paths, local URLs, token-like strings, email addresses, or phone numbers
  • you want a safer public issue attachment without rewriting the artifact by hand
  • you need a clear manual-review list for files the automatic pass did not rewrite

Quick Start

  1. Scan the source artifacts.

    • Use python3 {baseDir}/scripts/scan_sensitive_text.py --root \x3Csource> --out \x3Cscan.json>.
    • Point --root at either one file or a directory.

  2. Write a redacted copy.

    • Use python3 {baseDir}/scripts/redact_artifacts.py --root \x3Csource> --out-dir \x3Csafe-dir> --out \x3Credaction.json>.
    • This writes only supported text files into the output tree.
    • Binary or unsupported files are skipped and called out for manual review.

  3. Check the output.

    • Use python3 {baseDir}/scripts/check_redaction_output.py --root \x3Csafe-dir> --redaction \x3Credaction.json> --out \x3Ccheck.json>.
    • The check returns share-ready only when no supported-text findings remain and no skipped files still require manual review.
    • If skipped files exist, expect manual-review-required rather than a full-clear result.

  4. Render the report.

    • Use python3 {baseDir}/scripts/render_redaction_report.py --scan \x3Cscan.json> --redaction \x3Credaction.json> --check \x3Ccheck.json> --out \x3Creport.md>.
    • Share the report with the redacted output directory instead of the raw artifacts.

Operating Rules

Safety rules

  • Keep the promise narrow: supported text files only.
  • Treat screenshots, videos, PDFs, and other binary files as manual-review items.
  • Prefer preserving public context when safe. Public URLs may stay, but query strings and fragments should be removed.
  • Replace sensitive values with stable placeholders instead of deleting surrounding context.

Review rules

  • Re-scan the redacted output before sharing it.
  • If the output check returns fix-required or manual-review-required, do not present the full bundle as cleared.
  • Manual-review lists are part of the deliverable, not optional cleanup.

Bundled Scripts

  • scripts/scan_sensitive_text.py
    • Scan files for obvious sensitive text patterns and emit JSON findings.
  • scripts/redact_artifacts.py
    • Write a redacted copy of supported text files into a separate output directory.
  • scripts/check_redaction_output.py
    • Re-scan the redacted output and emit share-ready, manual-review-required, or fix-required.
  • scripts/render_redaction_report.py
    • Render a concise markdown summary from the scan, redaction, and check JSON outputs.
安全使用建议
This skill appears to do what it claims: local redaction of supported text files. Before using: (1) run it on a copy of your artifacts (do not run in-place), (2) supply an empty out-dir and verify the tool's printed report, (3) manually review any files the tool marked as skipped or 'manual-review-required' (binary files, screenshots, PDFs are not handled), (4) confirm the redacted output meets your safety expectations (inspect placeholders and snippets), and (5) if you need different secret patterns or file types, review/adjust the bundled regexes. The skill runs locally and does not exfiltrate data, but you should still inspect the GitHub homepage/source if you need higher assurance.
功能分析
Type: OpenClaw Skill Name: artifact-redactor Version: 1.0.6 The artifact-redactor skill is a legitimate utility designed to identify and mask sensitive information (PII, secrets, private paths, and internal URLs) from text-based files. The bundled Python scripts (redact_artifacts.py, scan_sensitive_text.py, etc.) use standard regex-based pattern matching and local file operations to perform redactions and generate reports. There is no evidence of data exfiltration, unauthorized network access, or malicious prompt injection; the logic is entirely consistent with the stated purpose of creating safer shareable bundles of logs and artifacts.
能力评估
Purpose & Capability
Name/description match the delivered functionality. The package includes Python scripts that scan, redact, check, and render reports for supported text files. Requiring python/python3 is appropriate; no unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs running the bundled Python scripts against a user-specified root and out-dir. The scripts only read files recognized by a conservative suffix whitelist and explicitly skip binary/unsupported files; they do not contact external endpoints. Note: the agent (or user) must grant filesystem read access to the root and write access to the out-dir; skipped/unsupported files are surfaced for manual review.
Install Mechanism
No install spec — instruction-only behavior. Code is bundled in the skill and executed locally with the system Python; nothing is downloaded or installed from external URLs.
Credentials
Requires no environment variables or credentials. The regexes include patterns for common secret formats (GitHub PATs, OpenAI-like sk- keys, bearer tokens), which is expected for a redaction tool.
Persistence & Privilege
Skill is user-invocable and not forced-always. It does not request persistent agent-level privileges or modify other skills. It runs only when invoked.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install artifact-redactor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /artifact-redactor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.6
Harden release surface and refresh public skill metadata.
v1.0.5
Align repo and packaged skill licenses to MIT-0.
v1.0.4
Declare MIT license metadata to match the repo license.
v1.0.3
Fail fast on missing inputs, require redaction context for the output check, and clarify/test Python 3.9+ support.
v1.0.2
Treat skipped files as manual-review-required, add runnable quick start, and add source-controlled CI.
v1.0.1
Soften public wording to share-ready and replace synthetic smoke fixtures that resembled real secrets or local paths.
v1.0.0
Initial public release for text-artifact redaction and share-safe reporting.
元数据
Slug artifact-redactor
版本 1.0.6
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 7
常见问题

Artifact Redactor 是什么?

Public OpenClaw skill for redacting private paths, secret-like strings, private URLs, and common PII from Markdown, JSON, logs, and other text artifacts befo... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 151 次。

如何安装 Artifact Redactor?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install artifact-redactor」即可一键安装,无需额外配置。

Artifact Redactor 是免费的吗?

是的,Artifact Redactor 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Artifact Redactor 支持哪些平台?

Artifact Redactor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Artifact Redactor?

由 Zakhar Pashkin(@zack-dev-cm)开发并维护,当前版本 v1.0.6。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论