Printing Press Polish

Name: Printing Press Polish
Author: mvanhorn

mvanhorn/cli-printing-press

Clear PII findings in a cli-printing-press project so promote and publish gates pass with an auditable ledger.

Overview

Printing Press Polish is an agent skill for the Ship phase that clears the cli-printing-press PII ledger so promote and publish security gates pass.

Install

npx skills add https://github.com/mvanhorn/cli-printing-press --skill printing-press-polish

What is this skill?

Runs cli-printing-press pii-audit and owns .printing-press-pii-polish.json ledger authority
Phase 1 shape detectors: order IDs, card-last-4, email, US phone, ZIP+4, postal address
Accept contract requires category enum plus evidence_context for every non-PII acceptance
Optional --manuscripts-dir scans research.json and research/*.md on publish-staged paths
Promote and publish re-run the audit; pending findings block gates
Phase 1 detectors cover 6 shape classes: order/transaction IDs, card-last-4, email, US phone, ZIP+4, postal address
Accept contract uses 7 closed category values including attribution through synthetic_placeholder

Compatible agents: Claude Code, Codex, Cursor, any compatible agent

Adoption & trust: 2k installs on skills.sh; 3.1k GitHub stars; 2/3 security scanners passed (skills.sh audits).

What problem does it solve?

You cannot promote or publish cli-printing-press output because the PII audit still reports pending shape-matched findings.

Who is it for?

Maintainers of cli-printing-press CLIs who hit PII gate failures right before promote or publish.

Skip if: General redaction outside the printing-press pipeline or projects that do not use cli-printing-press audits.

When should I use this skill?

Promote or publish is blocked on PII audit pending findings for a cli-printing-press directory or manuscripts run.

What do I get? / Deliverables

Every ledger item is either replaced with placeholders or accepted with category and evidence_context until promote and publish audits pass.

Resolved .printing-press-pii-polish.json ledger
Gate-passing pii-audit run
Documented accept entries with category and evidence_context

Recommended Skills

Azure Compliancemicrosoft/azure-skills

Azure Compliance is a Microsoft agent skill for solo builders and small teams who need structured security and complianc…373k installs·1.2k stars

Openclaw Secure Linux Cloudxixu-me/skills

OpenClaw Secure Linux Cloud guides a hardened VPS deployment—rootless Podman, loopback-only gateway, SSH-tunneled Contro…201k installs·61 stars

Entra Agent Idmicrosoft/azure-skills

entra-agent-id is a Microsoft-authored agent skill for provisioning and operating OAuth-capable identities tailored to A…99.1k installs·1.2k stars

Firebase Security Rules Auditorfirebase/agent-skills

Firebase Security Rules Auditor turns your agent into a senior penetration-style reviewer for Firestore rulesets. Solo b…40.3k installs·345 stars

Firestore Security Rules Auditorfirebase/agent-skills

Firestore-security-rules-auditor is a checker skill for solo builders and small teams shipping Firebase-backed apps who …20.3k installs·345 stars

Skill Vetteruseai-pro/openclaw-skills-security

Skill Vetter is a security-first OpenClaw agent skill that makes your coding agent behave like a pre-install auditor for…19.2k installs·62 stars

Journey fit

Primary fit

Polish runs immediately before release promotion and publish, when customer-data leakage is the blocking risk. security is the shelf for PII audit, accept contract, and gate compliance—not general copy editing.

How it compares

Use instead of manual grep for PII when the printing-press promote and publish gates require the official audit JSON.

Common Questions / FAQ

Who is printing-press-polish for?

Solo builders and operators running cli-printing-press who need a repeatable PII resolution loop before release.

When should I use printing-press-polish?

During Ship security prep when pii-audit blocks promote or publish, including manuscript runs that add research.json and research markdown to the scan.

Is printing-press-polish safe to install?

It guides local CLI audits over your repo content; review the Security Audits panel on this Prism page before granting agent shell access to your project tree.

SKILL.md

READMESKILL.md - Printing Press Polish

# PII Polish — Customer-PII Gate Playbook

**Goal:** clear the PII ledger so promote and publish gates pass. Every pending finding is either real PII (replace with a placeholder in source) or a justified non-PII match (accept in the ledger with pre-decision fields).

**Scope:** Phase 1 detectors are shape-only — order/transaction IDs, card-last-4, email, US phone, ZIP+4, postal-address. ASINs and standalone names are a future detector class pending spec-aware detection work. A passing gate is the floor, not "PII-clean."

```bash
cli-printing-press pii-audit <cli-dir>
```

The audit writes `<cli-dir>/.printing-press-pii-polish.json`. Promote and publish re-run the audit themselves, so the ledger header is the authority — they refuse if pending findings or gate failures remain.

When polish resolved a manuscripts run directory, run the audit with `--manuscripts-dir <run-dir>`. That adds only `<run-dir>/research.json` and `<run-dir>/research/*.md` to the scan and reports them as `.manuscripts/<run-id>/...` paths, matching the publish-staged tree.

## The accept contract

Every `status: "accepted"` entry must populate:

- **`category`** — one of `attribution`, `place_name`, `corporate_name`, `documentation_example`, `api_provider_data`, `synthetic_placeholder`, `other`. The closed enum forces a specific claim about *what shape of non-PII this is*.
- **`evidence_context`** — quote the surrounding 1-2 lines from the source. Lets a reviewer judge the category claim by reading only the ledger.
- **`note`** — free-form; required only when `category` is `other`.

```json
{
  "kind": "email",
  "file": "data.json",
  "line": 17,
  "matched_span": "alice@example.com",
  "status": "accepted",
  "category": "documentation_example",
  "evidence_context": "Inside README's 'Sample request' block, under a code fence demonstrating customer-email; reserved @example.com TLD."
}
```

If `category` and `evidence_context` can't be filled honestly, the finding isn't yet understood. Re-read the source and either fix it or pick a sharper category.

## Per-finding decision

For each pending finding, read 1-2 lines on either side of the match and pick one outcome:

| Outcome | When | What to do |
|---|---|---|
| **Fix in source** | Real customer value (captured order, sniff response, etc.) | Replace with the non-matching placeholder from the table below |
| `category: api_provider_data` | Vendor's published example (Stripe docs use `4242`, support@vendor.com, etc.) | Cite vendor docs URL or captured field name in `evidence_context` |
| `category: documentation_example` | Example value in README/SKILL prose teaching how a field works | Quote the documentation context |
| `category: synthetic_placeholder` | Already a standards-reserved synthetic (`user@example.com`, `+1-555-01xx`, `90210-1234`, `1 EXAMPLE WAY`) | Name the convention in `evidence_context` |
| `category: other` | Non-PII shape that matched (request ID, batch ID, version range hitting ZIP regex) | Required `note` names what the value actually is |

### Replacement placeholders

Use these to avoid re-flagging on the next audit:

| Detector | Placeholder (does not re-match) |
|---|---|
| `card-last-4` | `PII_CARD_LAST4_EXAMPLE` |
| `email` | `PII_EMAIL_EXAMPLE` |
| `phone-us` | `PII_PHONE_EXAMPLE` |
| `zip-plus-4` | `PII_ZIP_EXAMPLE` |
| `postal-address` | `PII_ADDRESS_EXAMPLE` |

When a downstream consumer (parser, schema validator) needs a valid-shape value, use the standards-reserved synthetics — `user@example.com`, `+1-555-0100`, `90210-1234`, `1 EXAMPLE WAY` — and accept the first audit finding as `synthetic_placeholder`. Subsequent audits preserve the accept.

### Detector-specific notes

- **`zip-plus-4`** has high false-positive rate. Request IDs, batch IDs, correlation IDs, and version ranges all match the shape. Most pending findings here resolve to `category: other` with a `note` naming the actual field, not real PII.
- **`postal-address`** matches Title-Case and ALL-CAPS street names

What is this skill?

Runs cli-printing-press pii-audit and owns .printing-press-pii-polish.json ledger authority

Phase 1 shape detectors: order IDs, card-last-4, email, US phone, ZIP+4, postal address

Accept contract requires category enum plus evidence_context for every non-PII acceptance

Optional --manuscripts-dir scans research.json and research/*.md on publish-staged paths

Promote and publish re-run the audit; pending findings block gates

Phase 1 detectors cover 6 shape classes: order/transaction IDs, card-last-4, email, US phone, ZIP+4, postal address

Accept contract uses 7 closed category values including attribution through synthetic_placeholder

Compatible agents: Claude Code, Codex, Cursor, any compatible agent

Adoption & trust: 2k installs on skills.sh; 3.1k GitHub stars; 2/3 security scanners passed (skills.sh audits).

SKILL.md

READMESKILL.md - Printing Press Polish

# PII Polish — Customer-PII Gate Playbook

**Goal:** clear the PII ledger so promote and publish gates pass. Every pending finding is either real PII (replace with a placeholder in source) or a justified non-PII match (accept in the ledger with pre-decision fields).

**Scope:** Phase 1 detectors are shape-only — order/transaction IDs, card-last-4, email, US phone, ZIP+4, postal-address. ASINs and standalone names are a future detector class pending spec-aware detection work. A passing gate is the floor, not "PII-clean."

```bash
cli-printing-press pii-audit <cli-dir>
```

The audit writes `<cli-dir>/.printing-press-pii-polish.json`. Promote and publish re-run the audit themselves, so the ledger header is the authority — they refuse if pending findings or gate failures remain.

When polish resolved a manuscripts run directory, run the audit with `--manuscripts-dir <run-dir>`. That adds only `<run-dir>/research.json` and `<run-dir>/research/*.md` to the scan and reports them as `.manuscripts/<run-id>/...` paths, matching the publish-staged tree.

## The accept contract

Every `status: "accepted"` entry must populate:

- **`category`** — one of `attribution`, `place_name`, `corporate_name`, `documentation_example`, `api_provider_data`, `synthetic_placeholder`, `other`. The closed enum forces a specific claim about *what shape of non-PII this is*.
- **`evidence_context`** — quote the surrounding 1-2 lines from the source. Lets a reviewer judge the category claim by reading only the ledger.
- **`note`** — free-form; required only when `category` is `other`.

```json
{
  "kind": "email",
  "file": "data.json",
  "line": 17,
  "matched_span": "alice@example.com",
  "status": "accepted",
  "category": "documentation_example",
  "evidence_context": "Inside README's 'Sample request' block, under a code fence demonstrating customer-email; reserved @example.com TLD."
}
```

If `category` and `evidence_context` can't be filled honestly, the finding isn't yet understood. Re-read the source and either fix it or pick a sharper category.

## Per-finding decision

For each pending finding, read 1-2 lines on either side of the match and pick one outcome:

| Outcome | When | What to do |
|---|---|---|
| **Fix in source** | Real customer value (captured order, sniff response, etc.) | Replace with the non-matching placeholder from the table below |
| `category: api_provider_data` | Vendor's published example (Stripe docs use `4242`, support@vendor.com, etc.) | Cite vendor docs URL or captured field name in `evidence_context` |
| `category: documentation_example` | Example value in README/SKILL prose teaching how a field works | Quote the documentation context |
| `category: synthetic_placeholder` | Already a standards-reserved synthetic (`user@example.com`, `+1-555-01xx`, `90210-1234`, `1 EXAMPLE WAY`) | Name the convention in `evidence_context` |
| `category: other` | Non-PII shape that matched (request ID, batch ID, version range hitting ZIP regex) | Required `note` names what the value actually is |

### Replacement placeholders

Use these to avoid re-flagging on the next audit:

| Detector | Placeholder (does not re-match) |
|---|---|
| `card-last-4` | `PII_CARD_LAST4_EXAMPLE` |
| `email` | `PII_EMAIL_EXAMPLE` |
| `phone-us` | `PII_PHONE_EXAMPLE` |
| `zip-plus-4` | `PII_ZIP_EXAMPLE` |
| `postal-address` | `PII_ADDRESS_EXAMPLE` |

When a downstream consumer (parser, schema validator) needs a valid-shape value, use the standards-reserved synthetics — `user@example.com`, `+1-555-0100`, `90210-1234`, `1 EXAMPLE WAY` — and accept the first audit finding as `synthetic_placeholder`. Subsequent audits preserve the accept.

### Detector-specific notes

- **`zip-plus-4`** has high false-positive rate. Request IDs, batch IDs, correlation IDs, and version ranges all match the shape. Most pending findings here resolve to `category: other` with a `note` naming the actual field, not real PII.
- **`postal-address`** matches Title-Case and ALL-CAPS street names

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is printing-press-polish for?

When should I use printing-press-polish?

Is printing-press-polish safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is printing-press-polish for?

When should I use printing-press-polish?

Is printing-press-polish safe to install?

SKILL.md