Local PII Redaction Skill for OpenClaw Uses GLiNER Model
What This Is
A security-focused OpenClaw skill that intercepts every outgoing response, processes it through a local SLM (GLiNER) to detect potential leaks of sensitive information, and redacts detected content before it leaves the system.
Key Details
The skill uses the nvidia/gliner-PII model locally to scan responses for security credentials and personally identifiable information. When detected, it replaces the sensitive data with descriptive labels like [API_KEY] and appends a short notice indicating what was removed. If no sensitive information is found, responses pass through unchanged.
Setup: Requires running a local server installed via pip install clawguard-pii, then pointing the skill at localhost.
Model specifications: The GLiNER model is approximately 570M parameters, which the creator notes doesn't add significant latency per response.
Detection capabilities: Can identify entities including API keys, passwords, usernames, email addresses, and Social Security Numbers (SSNs).
Limitations
- Misconfiguring CLAWGUARD_URL could create an exfiltration channel. The skill includes URL validation and token authentication as mitigation, but this remains a risk.
- Models are probabilistic and can make mistakes, potentially failing to redact sensitive information, especially with sophisticated prompt injections.
- The skill only processes outgoing responses and doesn't flag incoming prompt injection requests.
Additional Context
The creator expresses interest in hearing about other approaches for running local encoder SLMs in OpenClaw and bundling them with other models, noting that Ollama setup currently only works for running decoder models as the main chatbot model.
The skill is available at: https://clawhub.ai/m-newhauser/pii-redactor
📖 Read the full source: r/openclaw
👀 See Also
Claude Token Counter Updated with Model Comparison Feature
Simon Willison's Claude Token Counter tool now supports comparing token counts across different Claude models. The update reveals Opus 4.7 uses 1.0–1.35× more tokens than Opus 4.6 due to an updated tokenizer, potentially increasing costs by around 40% despite identical pricing.
Researcher Builds Veracity-Checking Skill for Claude Code, Finds Hallucinations in Own Documentation
A researcher built a Claude Code skill called /veracity-tweaked-555 that decomposes documents into atomic claims and verifies each via web search using 16 parallel agents across 4 waves. When self-audited, the skill scored 62/100 due to fabricated statistics and inflated claims in its own documentation.
AlterSpec v1.0: Runtime Policy Enforcement for AI Agents
AlterSpec v1.0 is an open-source runtime enforcement engine that sits between AI agents and their tools, evaluating actions against YAML-defined policies before execution. It provides allow/deny/review decisions, cryptographic policy signing, and audit logging.
Agentic Context Engine: Automated Agent Improvement Loop with 34.2% Accuracy Gain
An open-source tool automates the entire agent improvement loop from trace analysis to fix implementation, achieving 34.2% accuracy improvement on Tau-2 Bench in one iteration. The system uses Claude Code in a REPL environment to analyze failures and decide between prompt or code fixes.