{
  "id": "shroud-privacy",
  "name": "Shroud",
  "version": "2.5.7",
  "description": "Privacy obfuscation with deterministic fake values and deobfuscation — PII never reaches the LLM, tool calls still work",
  "configSchema": {
    "type": "object",
    "additionalProperties": false,
    "properties": {
      "secretKey": {
        "type": "string",
        "description": "HMAC secret for deterministic mapping. Auto-generated if empty."
      },
      "persistentSalt": {
        "type": "string",
        "description": "Fixed salt for cross-session consistency. Empty = random per session."
      },
      "minConfidence": {
        "type": "number",
        "minimum": 0,
        "maximum": 1,
        "default": 0,
        "description": "Minimum detector confidence to obfuscate"
      },
      "allowlist": {
        "type": "array",
        "items": {
          "type": "string"
        },
        "default": [],
        "description": "Values to never obfuscate (supports * and ? wildcards)"
      },
      "denylist": {
        "type": "array",
        "items": {
          "type": "string"
        },
        "default": [],
        "description": "Values to always obfuscate"
      },
      "canaryEnabled": {
        "type": "boolean",
        "default": false,
        "description": "Inject tracking tokens to detect data leakage"
      },
      "canaryPrefix": {
        "type": "string",
        "default": "SHROUD-CANARY",
        "description": "Prefix for canary tokens"
      },
      "auditEnabled": {
        "type": "boolean",
        "default": false,
        "description": "Track obfuscation events with tamper-evident chain hashing"
      },
      "verboseLogging": {
        "type": "boolean",
        "default": false,
        "description": "Alias for auditEnabled — enable verbose audit lines"
      },
      "auditLogFormat": {
        "type": "string",
        "enum": [
          "human",
          "json"
        ],
        "default": "human",
        "description": "Audit log output format"
      },
      "auditIncludeProofHashes": {
        "type": "boolean",
        "default": false,
        "description": "Include salted SHA-256 proof hashes in audit lines"
      },
      "auditHashSalt": {
        "type": "string",
        "default": "",
        "description": "Salt for proof hashes"
      },
      "auditHashTruncate": {
        "type": "integer",
        "default": 12,
        "minimum": 4,
        "maximum": 64,
        "description": "Truncate proof hashes to N hex chars"
      },
      "auditMaxFakesSample": {
        "type": "integer",
        "default": 0,
        "minimum": 0,
        "maximum": 20,
        "description": "Include up to N fake replacement values in audit log (0 = disabled)"
      },
      "detectorOverrides": {
        "type": "object",
        "additionalProperties": {
          "type": "object",
          "properties": {
            "enabled": {
              "type": "boolean"
            },
            "confidence": {
              "type": "number",
              "minimum": 0,
              "maximum": 1
            }
          }
        },
        "default": {},
        "description": "Override built-in detector rules: disable or change confidence by rule name"
      },
      "customPatterns": {
        "type": "array",
        "items": {
          "type": "object",
          "properties": {
            "name": {
              "type": "string"
            },
            "pattern": {
              "type": "string"
            },
            "category": {
              "type": "string"
            }
          },
          "required": [
            "name",
            "pattern"
          ]
        },
        "default": [],
        "description": "User-defined regex patterns for custom PII detection"
      },
      "maxToolDepth": {
        "type": "integer",
        "default": 10,
        "minimum": 1,
        "maximum": 100,
        "description": "Max nested tool call depth before warning"
      },
      "redactionLevel": {
        "type": "string",
        "enum": [
          "full",
          "masked",
          "stats"
        ],
        "default": "full",
        "description": "Output mode: full (fake values), masked (partial masking), stats (category placeholders)"
      },
      "dryRun": {
        "type": "boolean",
        "default": false,
        "description": "Detect entities but don't replace — useful for testing detection rules"
      },
      "maxStoreMappings": {
        "type": "integer",
        "default": 0,
        "minimum": 0,
        "description": "Max mapping store size; oldest entries evicted when exceeded. 0 = unlimited."
      }
    }
  },
  "uiHints": {
    "secretKey": {
      "label": "Secret Key",
      "help": "HMAC secret for deterministic mapping. Auto-generated if empty.",
      "sensitive": true
    },
    "persistentSalt": {
      "label": "Persistent Salt",
      "help": "Fixed salt for cross-session mapping consistency."
    },
    "minConfidence": {
      "label": "Min Confidence",
      "help": "Detection confidence threshold (0.0-1.0)"
    },
    "canaryEnabled": {
      "label": "Enable Canary Tokens",
      "help": "Inject tracking tokens to detect PII leakage"
    },
    "auditEnabled": {
      "label": "Enable Audit Log",
      "help": "Tamper-evident obfuscation event tracking"
    }
  },
  "enterpriseAgent": {
    "adapter": "ncg_adapter.py",
    "adapterClass": "ShroudPlugin",
    "server": "app-server.mjs",
    "protocol": "app-1.0"
  },
  "ncg": {
    "adapter": "ncg_adapter.py",
    "adapterClass": "ShroudPlugin",
    "server": "app-server.mjs",
    "protocol": "app-1.0"
  },
  "app": {
    "server": "app-server.mjs",
    "adapter": "ncg_adapter.py",
    "adapterClass": "ShroudPlugin",
    "protocol": "app-1.0"
  },
  "compatibility": {
    "minOpenClawVersion": "2026.3.24"
  }
}