Found during a code-quality / docs pass.
In agent_os/credential_redactor.py (around lines 101-199), redact() / redact_data_structure() iterate only PATTERNS (secret-like material), not PII_PATTERNS (email / phone / SSN / credit-card / IP). So PII is detected by find_pii_matches() but not removed by redact(). The class docstring's 'redact sensitive material' phrasing can lead a caller to assume PII is scrubbed when persisting/returning data.
Suggestion: either add an opt-in redact_pii=True path, or clarify in the docstring that redact() is secrets-only.
Separately, the SSN pattern here (\d{3}-\d{2}-\d{4}) is narrower than the one in integrations/base.py (which also accepts space/dot/no-separator) — reconciling to one shared pattern would avoid divergent detection.
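A sketch of the opt-in path and the shared SSN pattern suggested above, as an added example that is not code from agent_os or from the issue author. The names PATTERNS, PII_PATTERNS, redact(), redact_data_structure() and redact_pii follow the issue; every regex except the narrow SSN one, the placeholder format, and the ssn_divergence() helper are assumptions made for illustration.

```python
import re

# Constructed stand-in patterns; only SSN_NARROW is the regex quoted in the issue.
PATTERNS = [("api_key", re.compile(r"\bsk-[A-Za-z0-9]{16,}\b"))]
SSN_NARROW = re.compile(r"\d{3}-\d{2}-\d{4}")
# Assumed shape of the broader pattern: dash, space, dot or no separator.
SSN_SHARED = re.compile(r"(?<!\d)\d{3}[-. ]?\d{2}[-. ]?\d{4}(?!\d)")
PII_PATTERNS = [
    ("email", re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")),
    ("ssn", SSN_SHARED),
]


def redact(text, redact_pii=False):
    """Scrub secrets; scrub PII too only when redact_pii=True (opt-in)."""
    active = PATTERNS + (PII_PATTERNS if redact_pii else [])
    for name, pattern in active:
        text = pattern.sub(f"[REDACTED:{name}]", text)
    return text


def redact_data_structure(data, redact_pii=False):
    """Return a redacted copy of nested dicts, lists, tuples and strings."""
    if isinstance(data, str):
        return redact(data, redact_pii)
    if isinstance(data, dict):
        return {k: redact_data_structure(v, redact_pii) for k, v in data.items()}
    if isinstance(data, (list, tuple)):
        return type(data)(redact_data_structure(v, redact_pii) for v in data)
    return data  # numbers, None, etc. pass through unchanged


def ssn_divergence(samples):
    """Values the shared pattern flags but the narrow one misses."""
    return [s for s in samples if SSN_SHARED.search(s) and not SSN_NARROW.search(s)]


# Constructed sample record: one secret, one email, four SSN spellings.
SAMPLE = {
    "note": "key sk-abcdefghijklmnop1234 for jane@example.com",
    "ids": ["123-45-6789", "123 45 6789", "123.45.6789", "123456789"],
}

if __name__ == "__main__":
    print(redact_data_structure(SAMPLE))                   # secrets only
    print(redact_data_structure(SAMPLE, redact_pii=True))  # secrets + PII
    print(ssn_divergence(SAMPLE["ids"]))                   # narrow-pattern misses
```

The separator-free SSN form matches any isolated nine-digit run, so a shared pattern that accepts it trades missed detections for more false positives.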