sketch-security-guardrails

joelklabo's avatarfrom joelklabo

Security and privacy guardrails for Sketch Magic. Use when handling API keys, logs, uploads, telemetry, or when debugging errors to avoid leaking secrets or user images.

0stars🔀0forks📁View on GitHub🕐Updated Jan 9, 2026
[Guardrails and Safety]

When & Why to Use This Skill

The Sketch Security Guardrails skill provides a robust framework for maintaining data privacy and security within AI agent workflows. It establishes strict protocols for handling sensitive information such as API keys, authentication tokens, and user-uploaded images, ensuring that debugging, logging, and telemetry processes do not lead to accidental data leaks or privacy breaches.

Use Cases

  • Secure Debugging: Safely troubleshoot application errors by masking API keys and sensitive headers in logs to prevent exposure of credentials.
  • Privacy-Preserving Telemetry: Implement minimal logging practices that track system performance and error codes without capturing raw user image data or full prompt contents.
  • Safe Documentation and Sharing: Provide guidelines for scrubbing console outputs and screenshots before sharing them in proof-of-concept videos or technical documentation.
  • Automated Secret Prevention: Use as a safety layer to ensure that base64 image bytes and file payloads are never stored in plaintext logs during development.
namesketch-security-guardrails
descriptionSecurity and privacy guardrails for Sketch Magic. Use when handling API keys, logs, uploads, telemetry, or when debugging errors to avoid leaking secrets or user images.

Sketch Security Guardrails

Overview

Provide safe handling rules for keys, logs, and user uploads while debugging or adding telemetry.

Workflow

  1. Never log secrets: API keys, bearer tokens, or auth headers.
  2. Never log raw images: no base64 image bytes or file payloads.
  3. Avoid full prompts: log only prompt length or hash.
  4. Telemetry minimalism: only metadata (duration, provider, error code).
  5. Review logs before sharing: scrub console output in proof videos or screenshots.

Safe Debug Patterns

  • Log error codes instead of full stack traces when user-visible.
  • Use sample files or stubbed requests for proof videos.
  • Keep logs off by default unless ENABLE_TELEMETRY=true.

References

  • references/security-guardrails.md
sketch-security-guardrails – AI Agent Skills | Claude Skills