safe-share

Sanitize logs, configs, prompts, stack traces, and skill content before they are shared publicly. Use when a user wants a local, low-risk pass to remove API keys, tokens, cookies, passwords, emails, IPs, or other sensitive values from text before posting to GitHub issues, chat, READMEs, demos, or ClawHub.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "safe-share" with this command: npx skills add nighty35628/safe-share

Safe Share

Use this skill to produce a safe-to-share copy of text. Prefer deterministic local sanitization over model-only guessing.

Workflow

  1. Confirm the user wants a shareable copy, not a forensic analysis.
  2. Determine the output mode:
    • placeholder: best default for docs, issues, READMEs, and tutorials
    • redact: best when preserving shape is not important
    • mask: best when keeping a hint of the original value is useful
  3. Run scripts/sanitize_text.py on the exact text the user provided.
  4. Return:
    • sanitized_text
    • findings_summary
    • review_notes
  5. Never echo the original sensitive value back to the user.

Operating Rules

  • Default to placeholder mode unless the user asks for something else.
  • Treat secrets and credentials as higher priority than general PII.
  • Replace with stable labels such as <OPENAI_API_KEY> or [REDACTED:BEARER_TOKEN].
  • Keep summaries high level. Report type and count, not the captured value.
  • State clearly that sanitization reduces risk but does not guarantee complete detection.
  • Do not scan unrelated files or repositories unless the user explicitly asks for that broader scope.
  • Do not send text to external services for classification or validation.

High-Risk Patterns

Prioritize these categories:

  • API keys and secret tokens
  • Authorization headers and bearer tokens
  • Cookies and session identifiers
  • .env-style credentials and password assignments
  • Private key blocks and PEM material
  • Sensitive URL query parameters

Then handle lower-risk identifiers:

  • Email addresses
  • Phone numbers
  • IP addresses
  • National ID or payment-card-like strings when confidence is high

Output Contract

Use the JSON contract from references/output-format.md when returning structured results from the script. If answering in prose, include the same three sections in human-readable form.

Resources

  • Detection and replacement behavior: references/patterns.md
  • Output structure and reviewer guidance: references/output-format.md
  • Smoke-test inputs and expected behavior: references/test-cases.md
  • Deterministic local sanitizer: scripts/sanitize_text.py

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

12 Cool Skills for OpenClaw Agent

Assistant de trading automatisé pour l'analyse de marché, la détection de signaux et l'exécution de stratégies techniques (RSI, MA, Support/Résistance). À ut...

Registry SourceRecently Updated
940Profile unavailable
Security

OpenClaw Security Audit

Security audit and credential hardening tool for OpenClaw instances. Scan for sensitive files, detect credential exposure, check gateway configuration, and m...

Registry SourceRecently Updated
1640Profile unavailable
Security

Claude Agent

作为项目经理操作 Claude Code 完全体。包含:任务执行(提示词设计→执行→监控→质量检查→迭代→汇报)。通过 tmux 操作交互式 CLI,通过 hooks + pane monitor 实现异步唤醒。NOT for: 简单单行编辑(用 edit)、读文件(用 read)、快速问答(直接回答)。

Registry SourceRecently Updated
2530Profile unavailable
Security

RevSec Shield

24/7 security monitoring for your OpenClaw agent. Detects prompt injection attacks, malicious skills, and data exfiltration attempts. Delivers plain-English...

Registry SourceRecently Updated
1060Profile unavailable