← 返回 Skills 市场
cq2000419

Privacy Guard

作者 cq2000419 · GitHub ↗ · v0.3.0 · MIT-0
cross-platform ✓ 安全检测通过
98
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install privacy-guard-dami
功能描述
自动检测OpenClaw日志中的API密钥、密码、身份证等敏感信息泄露,分级报警并支持交互确认和白名单管理。
安全使用建议
This skill appears to do what it says: locally scan OpenClaw logs and keep a pending-review list and whitelist. Before installing or running it: 1) Inspect the full privacy_guard.py for any network calls (search for 'requests', 'urllib', 'socket', 'http', 'feishu', 'webhook') — the README and config mention an optional Feishu webhook; leave it blank unless you trust the endpoint. 2) Be aware that the tool stores a content_preview (up to ~100 chars) of matched lines in suspicious.json and alert_log.md — those previews can contain secrets; if you want strict non-persistence, modify the code to store only hashes or metadata. 3) Remove any embedded secrets found in the packaged files (alert_log.md contains an sk- key example) before sharing or deploying. 4) Run the script in a controlled environment first and review generated suspicious.json/alert_log.md to confirm the stored data is acceptable. If you want, share the remainder of privacy_guard.py (the truncated portions) and I can re-check specifically for outbound network calls or hidden behaviors.
功能分析
Type: OpenClaw Skill Name: privacy-guard-dami Version: 0.3.0 The skill is a local privacy utility designed to scan OpenClaw log files for sensitive data such as API keys, passwords, and personal identification numbers. It uses a multi-level classification system (CRITICAL, HIGH, SUSPICIOUS) and maintains a local whitelist to reduce false positives. While the script `privacy_guard.py` contains a hardcoded fallback path for a specific user profile ('cq200'), it primarily relies on the 'LOCALAPPDATA' environment variable and lacks any network exfiltration logic or unauthorized persistence mechanisms.
能力标签
requires-oauth-token
能力评估
Purpose & Capability
Name/description (detect sensitive data in OpenClaw logs) matches the implemented behavior: the script searches OpenClaw log files for API keys, passwords, IDs, phone numbers, etc. Required resources (none) are proportional to the stated purpose.
Instruction Scope
SKILL.md only instructs running the included Python script. The script reads log files from a local OpenClaw log directory and persists detection results and user whitelist locally. Be aware the code stores a content_preview (up to ~100 chars) of matched lines in suspicious.json/whitelist files — these previews can include sensitive substrings.
Install Mechanism
No install spec; this is an instruction+script package. No downloads or foreign package installation are present in the provided files.
Credentials
The skill declares no required environment variables or credentials. It does read os.environ.get('LOCALAPPDATA') to build a default log path; otherwise it doesn't request secrets. The config contains an optional feishu_webhook field and README mentions Feishu notifications if configured — enabling that would send alerts to an external endpoint, so ensure any webhook is trusted and contains only metadata you accept sending.
Persistence & Privilege
The script persists whitelist.json, suspicious.json, and report/alert files in the skill directory (normal). It is not always:true and does not modify other skills. Consider that persisted previews may include secret fragments and remain on disk until removed.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install privacy-guard-dami
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /privacy-guard-dami 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.3.0
Privacy Guard - 敏感信息外泄检测 v0.3.0 introduces major enhancements to sensitive information risk detection: - Added a three-level risk detection system: CRITICAL, HIGH, and SUSPICIOUS. - Introduced error-tolerance: SUSPICIOUS items are not directly alerted, but added to a review list. - Added interactive learning: users can confirm items as safe or risky, manage whitelist, and review suspicious items. - Automated evolution: confirmed items and whitelist update detection rules automatically. - Improved whitelist and suspicious item handling with persistent local storage.
元数据
Slug privacy-guard-dami
版本 0.3.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Privacy Guard 是什么?

自动检测OpenClaw日志中的API密钥、密码、身份证等敏感信息泄露,分级报警并支持交互确认和白名单管理。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 98 次。

如何安装 Privacy Guard?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install privacy-guard-dami」即可一键安装,无需额外配置。

Privacy Guard 是免费的吗?

是的,Privacy Guard 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Privacy Guard 支持哪些平台?

Privacy Guard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Privacy Guard?

由 cq2000419(@cq2000419)开发并维护,当前版本 v0.3.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论