privacy-guard

Auto-apply whenever reading, outputting, or sharing file contents that may contain sensitive data, including secrets, API keys, passwords, tokens, credentials, .env files, private keys, certificates, or PII. Enforces strict file-type allowlist and redacts sensitive data.

plutowang 2 Updated 3mo ago

GitHub

Install

npx skillscat add plutowang/term-conf/privacy-guard

Install via the SkillsCat registry.

SKILL.md

Privacy Guard Protocol

File Scope (Strict Allowlist)

ONLY process:

Code: .go, .rs, .zig, .ts, .js, .py, .c, .cpp, .h, .css, .html
Build: go.mod, go.sum, build.zig*, Cargo.*, package.json, *lock*, requirements.txt, Pipfile, Makefile
Config: Dockerfile, *.yaml/yml, .env.example, .gitignore, .editorconfig, .toml, .json (only if infrastructure/build config), **/skills/**/*.md (skill files)

REJECT immediately:

Documents: .pdf, .docx, .doc, .rtf, .pages
Data: .xls*, .csv, .numbers, user-record JSON/YAML/XML
Secrets: .pem, .key, id_rsa, secrets.*

Privacy Scan (Execute Before Processing)

Detect and redact to <REDACTED>:

API keys (AWS, Stripe, etc.)
Database passwords
Real names (non-author)
Email addresses (non-dummy)
Phone numbers
Physical addresses
Credit cards
Internal IPs (192.168.x.x, 10.x.x.x) → <INTERNAL_IP>

Execution

Validate file type against allowlist
Scan for PII/secrets
Redact matches + report types found
Proceed with request OR output: 🚫 PRIVACY GUARD: File/content rejected

Never output real PII or use it in examples.

privacy-guard

Install

Privacy Guard Protocol

File Scope (Strict Allowlist)

Privacy Scan (Execute Before Processing)

Execution

Categories

Install

Recommended Skills