npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@fastino/pii-guard

v0.2.0

Published

Blocks outbound messages containing PII using a local encoder model

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

mary776mary776

Keywords

Readme

@fastino/pii-guard

An OpenClaw plugin that automatically detects and blocks outbound AI responses containing personally identifiable information (PII).

What it does

PII Guard intercepts every assistant response before it is written to the session. If the response contains PII above a confidence threshold, it is replaced with a warning message:

⚠️ My response was blocked as it may contain personal information. Please ask me again.

Detection is powered by urchade/gliner_multi_pii-v1, a local encoder model that runs entirely on your machine. No data is sent to external services.

Detected PII types

Person names, email addresses, phone numbers, physical addresses, dates of birth, social security numbers, credit card numbers, passport numbers, driver's licenses, bank account numbers, IP addresses, usernames, passwords, and organisations.

Requirements

  • OpenClaw gateway
  • uv — installed automatically if not present
  • Python 3.10+ (managed by uv)
  • curl (standard on macOS and Linux)

Install

openclaw plugins install @fastino/pii-guard
openclaw gateway restart

On first start, the plugin automatically:

  1. Installs uv if not present
  2. Creates a Python virtual environment
  3. Downloads and caches the PII detection model from HuggingFace (~500MB, one-time)

Subsequent starts load the model from cache and are fast.

Uninstall

openclaw plugins uninstall pii-guard
openclaw gateway restart

How it works

The plugin runs a local Flask sidecar process that holds the GLiNER model in memory. On each assistant response, a synchronous check is made to the sidecar over localhost before the message is written to the session. If any entity is detected with a confidence score ≥ 0.9, the response is replaced with the warning message.

The sidecar binds to 127.0.0.1 only and is protected by a random secret generated on first run (stored in ~/.openclaw/config/pii-guard.json).

If the sidecar is unreachable for any reason, the plugin fails open — messages are allowed through and a warning is logged.

Security notice

OpenClaw's plugin scanner will flag this plugin for child_process usage and environment variable access. These are expected: the plugin spawns a Python sidecar process and passes a locally-generated secret to it over localhost. No credentials are harvested or transmitted externally.