privacy-mask

Mask and redact sensitive information (PII) in screenshots and images — phone numbers, emails, IDs, API keys, crypto wallets, credit cards, passwords, and more. Uses OCR (Tesseract + RapidOCR) with 47 regex rules and optional NER (GLiNER) to detect private data and applies blur/fill redaction overlays. All processing runs locally and offline — no data leaves your machine.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "privacy-mask" with this command: npx skills add wuhao/privacy-mask

Privacy Mask

Detect and mask sensitive information in images locally before they leave your machine.

Prerequisites

This skill requires the privacy-mask CLI to be pre-installed on the system. If it is not available, inform the user that they need to install it first.

When to use

  • User sends a screenshot that may contain private data
  • User mentions privacy, masking, or redacting
  • You need to analyze an image but want to redact sensitive info first

Usage

Mask an image:

privacy-mask mask <image_path>
privacy-mask mask <image_path> --in-place
privacy-mask mask <image_path> --dry-run   # detect only
privacy-mask mask <image_path> --detection-engine regex  # use regex instead of NER

Output is JSON:

{
  "status": "success",
  "detections": [{"label": "PHONE_CN", "text": "***", "bbox": [10, 20, 100, 30]}],
  "summary": "Masked 1 regions: 1 PHONE_CN"
}

What it detects

  • IDs: Chinese ID card, passport, HK/TW ID, US SSN, UK NINO, Canadian SIN, Indian Aadhaar/PAN, Korean RRN, Singapore NRIC, Malaysian IC
  • Phone: Chinese mobile/landline, US phone, international (+prefix)
  • Financial: Bank card, Amex, IBAN, SWIFT/BIC
  • Developer keys: AWS, GitHub, Slack, Google, Stripe tokens, JWT, connection strings, API keys, SSH/PEM keys
  • Crypto: Bitcoin, Ethereum wallet addresses
  • Other: Email, birthday, IP/IPv6, MAC, UUID, license plate, MRZ, URL auth tokens
  • NER (optional): Person names, street addresses, organizations, dates of birth, medical conditions

Important

  • All processing is local and offline — no data leaves the machine
  • Configure rules in the bundled config.json or pass --config for custom rules

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

RedactKit - AI Privacy Scrubber

Scan your data before sending it to AI. Detect and redact PII, secrets, and sensitive info. Reversible, local, zero network calls.

Registry SourceRecently Updated
670Profile unavailable
Security

Sensitive Data Masker

Intelligent sensitive data detection and masking. Uses Microsoft Presidio + SQLite for automatic PII redaction with local restoration support.

Registry SourceRecently Updated
1990Profile unavailable
Security

DeepSafe Scan

Preflight security scanner for OpenClaw — scans deployment config, skills, memory/sessions for secrets, PII, prompt injection, and dangerous patterns. Runs 4...

Registry SourceRecently Updated
740Profile unavailable
Security

AI Agent OPSEC — Runtime Classified Data Enforcer

Prevent your AI agent from leaking classified terms to external APIs, subagents, or logs. Term registry + runtime redaction + pre-publish audit. Zero depende...

Registry SourceRecently Updated
1090Profile unavailable