prepublish-privacy-scrub
Scan and remove sensitive data before publishing skills. Detect API keys, tokens, secrets, and personal info.
Why use this skill?
Safely publish your OpenClaw skills by automatically detecting and redacting API keys, secrets, and private data before deployment.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/dalomeve/prepublish-privacy-scrubWhat This Skill Does
The prepublish-privacy-scrub skill is a critical security utility for OpenClaw users who develop, maintain, or distribute AI agent skills. Its primary function is to perform a comprehensive sweep of your local project directories to identify and redact sensitive information before it is exposed to the public or shared in repositories. By automating the detection of credentials, secrets, and PII (Personally Identifiable Information), it prevents the accidental leakage of API keys, authentication tokens, internal network paths, and email addresses. The skill consists of two core components: a scanning engine that flags potential security risks using regex pattern matching, and a scrubbing utility that automatically replaces detected secrets with a 'REDACTED' placeholder, ensuring your code remains secure and compliant with privacy best practices.
Installation
To integrate this utility into your development environment, run the following command in your terminal:
clawhub install openclaw/skills/skills/dalomeve/prepublish-privacy-scrub
Use Cases
This skill is indispensable for professional developers and hobbyists alike. Key use cases include: cleaning up a repository before pushing it to GitHub, verifying that temporary test credentials haven't been hardcoded into production-bound scripts, ensuring internal documentation does not contain private user paths (e.g., C:\Users\Name), and maintaining compliance with organizational security policies regarding credential handling. It acts as a safety net during the transition from local development to community publication.
Example Prompts
- "OpenClaw, please run a privacy scan on my current project folder to ensure no API keys or internal secrets are exposed."
- "Perform a full privacy scrub on the './my-new-skill' directory and redact all found tokens and secrets."
- "Check my project files for any hardcoded passwords, emails, or environment variables before I publish this skill."
Tips & Limitations
To maximize the effectiveness of this tool, always run the scan twice: once before your final build and once immediately before publication. While the tool is highly effective at catching common patterns, it should be treated as a secondary defense layer; always utilize environment variables or secure vault services for managing sensitive credentials rather than relying solely on post-process scrubbing. Note that the regex patterns focus on standard keys and common token formats; highly custom or obfuscated secrets may require manual verification.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-dalomeve-prepublish-privacy-scrub": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write
Related Skills
model-route-guard
Diagnose and fix model routing conflicts. Ensure primary model uses correct provider endpoint without duplicate overrides.
Instruction Anchor Guard
Skill by dalomeve
ui-design-optimizer
Generate practical UI design systems and starter pages using local style/color/typography datasets. Use for landing page or dashboard UI planning and implementation.
Skill Governance Balanced
Skill by dalomeve
evidence-url-verifier
Verify evidence URLs are real and accessible. Check that artifact links resolve to actual content, not placeholders.