← 返回 Skills 市场

Content Scrubber

Name: Content Scrubber
Author: solomonneas

作者 Solomon Neas · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

150

总下载

当前安装

版本数

在 OpenClaw 中安装

/install content-scrubber

功能描述

OpenClaw plugin that scrubs private infrastructure details from outgoing messages. Regex-based redaction of RFC 1918 IPs, localhost ports, SSH targets, and h...

使用说明 (SKILL.md)

Content Scrubber

An OpenClaw extension plugin that intercepts outgoing messages and redacts private infrastructure details before delivery.

What It Catches

RFC 1918 IPv4 addresses: 10.x.x.x, 172.16-31.x.x, 192.168.x.x
Loopback addresses: 127.x.x.x
localhost with ports: localhost:8080, localhost:3000, etc.
SSH/SCP targets: [email protected]:/path
Custom hostnames: configurable hostname patterns

How It Works

The plugin registers as a message interceptor. Before any message leaves OpenClaw (Discord, Telegram, Signal, etc.), it runs through regex-based scrubbing rules that replace private details with safe placeholders like [redacted-ip], [redacted-service], [redacted-target].

Rules are deterministic (regex, not LLM), so they're fast, auditable, and never miss edge cases that an LLM scrubber would.

Installation

Copy the plugin files to your OpenClaw extensions directory:

~/.openclaw/extensions/content-scrubber/
├── index.ts
├── openclaw.plugin.json
└── package.json

Add to your openclaw.json plugins config:

{
  "plugins": {
    "entries": {
      "content-scrubber": {
        "enabled": true,
        "config": {
          "dryRun": false,
          "allowedRecipients": []
        }
      }
    }
  }
}

Restart OpenClaw.

Configuration

Option	Type	Default	Description
`dryRun`	boolean	false	Log what would be scrubbed without actually redacting
`allowedRecipients`	string[]	[]	Chat IDs where scrubbing is skipped (e.g., private DMs with yourself)

Example

Before scrubbing:

SSH into [email protected] and check the service on localhost:8096

After scrubbing:

SSH into [redacted-target] and check the service on [redacted-service]

安全使用建议

This implementation appears coherent and limited to local redaction. Before installing: (1) enable dryRun first to confirm what will be redacted and avoid accidental over-redaction, (2) review and if needed customize RULES to avoid false positives (e.g., usernames that look like hostnames), (3) limit allowedRecipients rather than leaving it empty if you want exemptions, (4) test in a non-production environment, and (5) note the package has no homepage/author metadata—install only if you trust the source or after reviewing the code (index.ts is short and readable).

功能分析

Type: OpenClaw Skill Name: content-scrubber Version: 1.0.0 The content-scrubber skill is a security-focused utility designed to prevent the accidental leakage of private infrastructure details (such as RFC 1918 IP addresses, localhost ports, and SSH targets) in outgoing messages. The implementation in index.ts uses deterministic regex-based redaction and operates as a message interceptor, aligning perfectly with its stated purpose without any evidence of malicious intent, data exfiltration, or unauthorized execution.

能力评估

✓ Purpose & Capability

Name, description, SKILL.md, and index.ts all implement the same capability: intercept outgoing messages and apply regex rules to redact IPs, localhost ports, hostnames, and SSH targets. No unrelated capabilities (cloud access, filesystem scanning, network exfiltration) are requested or implemented.

✓ Instruction Scope

SKILL.md installation and config steps match the plugin code behavior (registers a message_sending hook, supports dryRun and allowedRecipients). The runtime instructions do not ask the agent to read unrelated files, environment variables, or transmit data to external endpoints.

✓ Install Mechanism

No install spec or remote downloads are used; the skill is distributed as source files to be copied into the extensions directory. This is low-risk and proportional to the stated purpose.

✓ Credentials

The skill requires no environment variables, credentials, or config paths. The plugin reads only its provided configuration (dryRun, allowedRecipients) and runtime event/context fields, which is appropriate.

✓ Persistence & Privilege

always is false (default) and the plugin runs only when enabled by adding it to openclaw.json. It does not modify other plugins or global agent settings.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install content-scrubber
安装完成后，直接呼叫该 Skill 的名称或使用 /content-scrubber 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of Content Scrubber for OpenClaw: - Redacts RFC 1918 IPs, loopback addresses, localhost ports, SSH/SCP targets, and custom hostnames from outgoing messages. - Uses fast and auditable regex-based rules, not LLM methods. - Configurable via `dryRun` mode and `allowedRecipients` for fine-grained control. - Integrates as a message interceptor for Discord, Telegram, Signal, and other messaging platforms. - Easy installation and setup in the OpenClaw extensions directory.

元数据

Slug content-scrubber

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题