pii-redactor Security Report — Low Risk | ClawSafe

15 /100

pii-redactor

Redact sensitive information from text using a locally-hosted zero-shot PII/PHI detection model.

This skill is pure documentation with no implementation code. It describes a legitimate PII-redaction workflow with comprehensive security guidance, but relies on an unverifiable external package (clawguard-pii) with a placeholder GitHub source.

Skill Namepii-redactor

Duration36.2s

Enginepi

✓

Safe to install

Before installing clawguard-pii, audit the package source and verify the GitHub repository is legitimate. Add version-pinned checksums for the package binary.

Findings 2 items

Severity	Finding	Location
Medium	External package source unverifiable Supply Chain The skill installs 'clawguard-pii==1.0.4' with a GitHub source URL that is explicitly marked as a placeholder. No PyPI listing, no real repository URL, no checksum. The package cannot be audited without verifiable source. `pip install clawguard-pii==1.0.4 # Source: https://github.com/anthropics/clawguard-pii (replace with the actual repository URL)` → Replace placeholder URL with the actual audited repository. Verify package integrity via signed releases or pinned checksums before installation.	`SKILL.md:14`
Low	Installation URL is a placeholder Doc Mismatch The 'Source' field in the setup instructions is a placeholder that must be replaced. Users following the docs blindly would install from an unspecified source. `(replace with the actual repository URL)` → Provide the real, verified repository URL before publishing this skill.	`SKILL.md:18`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No implementation files present — only documentation.
Network	`READ`	`READ`	✓ Aligned	SKILL.md declares POST to CLAWGUARD_URL/redact and GET /health — legitimately sc…
Shell	`NONE`	`NONE`	—	No shell commands executed in skill code.
Environment	`READ`	`READ`	✓ Aligned	SKILL.md declares reading CLAWGUARD_URL and CLAWGUARD_TOKEN — necessary for serv…
Skill Invoke	`NONE`	`NONE`	—	No nested skill invocations found.

3 findings

🔗

Medium External URL 外部 URL

http://127.0.0.1:

SKILL.md:62

🔗

Medium External URL 外部 URL

https://developer.nvidia.com/open-model-license

SKILL.md:160

🔗

Medium External URL 外部 URL

https://spdx.org/licenses/MIT-0.html

SKILL.md:161

File Tree

1 files · 5.6 KB · 160 lines

Markdown 1f · 160L

└─ 📝 SKILL.md Markdown 160L · 5.6 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`clawguard-pii`	`1.0.4`	GitHub (placeholder URL — unverifiable)	No	GitHub URL is explicitly marked as placeholder; package source cannot be audited

Security Positives

✓ No implementation code present — skill is purely declarative documentation

✓ Comprehensive security documentation: URL validation rules, HTTPS requirements, token handling guidance

✓ No hidden functionality — all behavior is documented in SKILL.md

✓ No credential harvesting, no data exfiltration, no obfuscation, no base64 or shell execution

✓ Authorization token uses secrets.token_hex(32) — cryptographically appropriate

✓ Fallback manual-review path prevents silent data leaks when service is down

✓ The skill properly scopes network access to localhost/internal hosts only

✓ MIT-0 license clearly declared

Scan Report

Findings 2 items

File Tree

Dependencies 1 items

Security Positives