← 返回 Skills 市场
teodorofodocrispin-cmyk

TrustBoost PII Sanitizer

作者 teodorofodocrispin-cmyk · GitHub ↗ · v2.0.3 · MIT-0
cross-platform ⚠ suspicious
135
总下载
0
收藏
0
当前安装
6
版本数
在 OpenClaw 中安装
/install trustboost-pii-sanitizer
功能描述
Sanitizes PII from text before sending to LLMs. Use when handling user-generated text that may contain sensitive data, when privacy compliance is required (G...
安全使用建议
This skill appears to do what it says (remote PII sanitization), but before installing: 1) Confirm the operator and endpoint (api.trustboost.dev / GitHub repo) are legitimate and review their privacy policy and audit report. 2) Ask for technical details on how 'raw input is never stored' is enforced (encryption, retention, access controls, and whether any raw content is processed in logs or backups). 3) Clarify the TRIAL mechanism: how is a wallet tied to 'TRIAL' without sending a signed transaction, and what information you must send that could deanonymize users? 4) Never supply production private keys; if autonomous payments are used, test only with ephemeral wallets and insist on client-side signing so the service never receives your private key. 5) For strict no-transmission environments (HIPAA, on-prem), use a local sanitizer — this skill transmits raw text to a third party. If these questions are unanswered or you cannot accept outbound transmission of user data, treat the skill as unsuitable.
能力标签
cryptorequires-walletcan-make-purchasesrequires-sensitive-credentials
能力评估
Purpose & Capability
The skill claims to be a remote PII sanitizer and its instructions require sending text to the TrustBoost API — this is coherent with the stated purpose. Minor mismatch: the SKILL.md metadata version is 2.0.2 while the registry lists 2.0.3 (likely benign but should be consistent).
Instruction Scope
Runtime instructions explicitly instruct the agent to transmit raw input text to https://api.trustboost.dev/sanitize and to include a Solana tx_hash. Sending raw text to a third-party service is expected for a hosted sanitizer, but the doc also repeatedly asserts 'raw input text is never stored' without describing technical controls (e.g., encryption at rest, retention policies, or how Supabase/trial logic prevents accidental persistence). The instructions also discuss signing Solana transactions and autonomous payments — that requires access to a wallet private key (sensitive) and the doc doesn't fully explain how wallets are authenticated for the TRIAL mode or how tx_hash='TRIAL' is validated per-wallet.
Install Mechanism
Instruction-only skill with no install steps or code files — lowest install risk (nothing written to disk by the skill itself).
Credentials
No required env vars, but metadata lists an optional SOLANA_WALLET_KEY for autonomous payments. Requesting (even optionally) a private key is high-sensitivity and should be justified with precise usage and guidance (e.g., ephemeral wallets only). The doc's payment/trial flow is underspecified: it's unclear how a wallet is associated with TRIAL requests if the tx_hash value 'TRIAL' is acceptable, which raises questions about how wallet-bound quotas are enforced without exposing private keys.
Persistence & Privilege
always:false and user-invocable: true — the skill does not request forced or always-on presence and does not modify other skills. No elevated platform privileges are requested.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install trustboost-pii-sanitizer
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /trustboost-pii-sanitizer 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.3
- Added a homepage link (GitHub repository) to the skill metadata. - Updated the version number in metadata from 2.0.1 to 2.0.2. - No functional or API-level changes.
v2.0.2
trustboost-pii-sanitizer v2.0.2 - Updated internal version metadata from 2.0.0 to 2.0.1. - Added a new metadata field, `requires_env`, specifying an optional environment variable (SOLANA_WALLET_KEY) for agents needing autonomous payments. - No other functional or user-facing changes detected.
v2.0.1
- API endpoint and health check URLs updated from onrender.com to api.trustboost.dev. - No other functional changes; all features, payment, and compliance details remain the same. - Documentation and operator verification sections now reference the new API domain.
v2.0.0
TrustBoost PII Sanitizer v2.0 brings major infrastructure and API updates: - Migrated from Make.com to a new API endpoint powered by FastAPI, Supabase, and Render (AWS) for improved reliability. - Per-wallet TRIAL quota: 50 free sanitizations per Solana wallet (was global). - Audit logging now handled via Supabase PostgreSQL (never stores raw input). - API endpoints, health checks, and documentation updated to reflect new infrastructure. - Enhanced replay attack protection and explicit wallet-based free quota. - Streamlined error and success responses; see updated JSON schema.
v1.2.1
**Major update: Adds a transparency section with detailed operator and data flow disclosure.** - Added a "Transparency Notice" with clear explanations of data flow, storage, Make.com processing, and audit trail for compliance clarity. - Now explicitly highlights when NOT to use the skill (e.g., on-prem HIPAA, non-approved data processors, or real secrets in prod). - Expanded payment model explanation with cautionary guidance for autonomous agent use—emphasizing quota checks and wallet key safety. - Clearly documents operator identity, audit/compliance endpoints, and repository links for verification. - No changes to core API functionality or integration method.
v1.2.0
trustboost-pii-sanitizer 1.2.0 – Major upgrade with multilingual, autonomous, and privacy features. - Adds country-specific PII detection for English, Spanish (LATAM), Portuguese, German, and Japanese texts. - No authentication or SDK required; single POST request workflow introduced with 50 free trial uses. - Supports privacy compliance for GDPR, LGPD, APPI, HIPAA, CCPA, DPDPA. - Autonomous Solana-based payment and quota management with a new tx_hash system. - Responds with sanitized text, safety score (0.0–1.0), risk category, and usage metrics. - Enhanced documentation and code samples for agent and pipeline integration.
元数据
Slug trustboost-pii-sanitizer
版本 2.0.3
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 6
常见问题

TrustBoost PII Sanitizer 是什么?

Sanitizes PII from text before sending to LLMs. Use when handling user-generated text that may contain sensitive data, when privacy compliance is required (G... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 135 次。

如何安装 TrustBoost PII Sanitizer?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install trustboost-pii-sanitizer」即可一键安装,无需额外配置。

TrustBoost PII Sanitizer 是免费的吗?

是的,TrustBoost PII Sanitizer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

TrustBoost PII Sanitizer 支持哪些平台?

TrustBoost PII Sanitizer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 TrustBoost PII Sanitizer?

由 teodorofodocrispin-cmyk(@teodorofodocrispin-cmyk)开发并维护,当前版本 v2.0.3。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论