2.5k
GitHub Stars
4
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill presidio-pii-skill- _meta.json314 B
- README.md5.9 KB
- skill.json1.1 KB
- SKILL.md4.0 KB
Overview
This skill provides local PII protection for OpenClaw agents using Microsoft Presidio running in Docker. It scrubs customer identifiers (names, phones, emails, addresses, credit cards, vessel names, etc.) before any data reaches an AI model and supports reversible pseudonymization plus a fail-closed policy. Use it as a mandatory preprocessing step for customer-facing data sources to prevent leakage of real PII.
How this skill works
The skill runs Presidio as local Docker containers and exposes simple scripts to check health, scrub text, and restore tokens to real values. After retrieving raw data, you pass it to the scrubber which returns anonymized text, detected entity types, and a local mapping file keyed by session ID. Models reason on the anonymized text; final outputs are de-anonymized by restoring tokens and securely deleting the mapping.
When to use it
- Always run before processing CRM data (HubSpot, Salesforce, etc.).
- Always run before indexing or analyzing cloud storage content (Google Drive, Dropbox).
- Before querying project management tools or support systems that contain customer data.
- Whenever customer names, phone numbers, emails, addresses, or financial identifiers may be present.
- Before sending any extracted customer content to an LLM or external model.
Best practices
- Enforce the fail-closed rule: do not query customer sources if Presidio health check fails.
- Use a unique session identifier (timestamp or request ID) for each scrub/restore cycle.
- Store mapping files locally with strict permissions and ensure automatic deletion after restore.
- Tune and extend recognizers in configs/recognizers.json for business-specific identifiers (vessels, project IDs).
- Integrate scrub and restore as middleware so no raw PII reaches downstream models.
Example use cases
- Preprocess support tickets from a CRM before generating agent responses with an LLM.
- Scrub drive documents before creating searchable embeddings or knowledge bases.
- Anonymize customer details in exported project management notes prior to analysis.
- Protect PII in ingestion pipelines for analytics or model fine-tuning.
- Temporarily pseudonymize customer identifiers while generating personalized communications, then restore before sending.
FAQ
Follow the fail-closed rule: do not query customer data sources. Notify the owner that PII protection is offline and processing is blocked.
Is any customer data sent externally?
No. All detection and mapping occur on localhost in Docker containers; no data is sent to external services.
Can I customize entity detection for my business?
Yes. Edit configs/recognizers.json to add or boost recognizers for vessel names, project IDs, or other domain identifiers.