--- name: document-redaction description: Workflows for safely redacting sensitive data (IPs, credentials, domains) from IT documents, logs, and plans. --- # Document Redaction & Data Sanitization ## Trigger When asked to make a document "public-safe", "redact", or "sanitize" logs, configs, or architectural plans. ## Workflow 1. **Analyze the Source:** Read the document to identify classes of sensitive information (Vendor names, server names, internal IPs, domains, names/emails, passwords/keys). 2. **Scripted Redaction (Python):** Write a Python script using the `re` module for robust multi-pass regex replacements. This is far less error-prone than chained `sed` commands for complex files. 3. **Target Categories:** - **Entities/People:** Map explicit names (e.g., `John Doe` -> `[Lead Developer]`). - **Vendors:** Map third parties (e.g., `AWS`, `Hetzner` -> `[CLOUD-PROVIDER]`). - **Servers:** Map hostnames (e.g., `app1-bu` -> `[STANDBY-HOST]`). - **Emails:** `re.sub(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,7}\b', '[EMAIL-REDACTED]', text)` - **IPs:** `re.sub(r'\b(?:\d{1,3}\.){3}\d{1,3}\b', '[IP-REDACTED]', text)` 4. **Mandatory Verification:** You MUST run `grep -iE "original_term1|original_term2|ip_regex"` on the generated output file to guarantee zero leakage before delivering the final artifact. Repeat the script generation/running until the `grep` commands return zero hits. ## Pitfalls - **Domain/Subdomain overlap:** Redacting `example.com` might miss or corrupt `sub.example.com`. Map full known URLs to generic placeholders (e.g., `[OPS-PORTAL-DOMAIN]`). - **Blind spots:** Regex won't catch specific executive names or custom server hostnames. Explicitly map known internal names first. - **Over-redaction:** Don't redact standard public URLs (like `get.docker.com` or `github.com`) that provide technical value and pose no security risk. ## Support Files - `scripts/redact_template.py` - Starter script for Python-based document redaction.