Right now, the | strip-private filter does way too much — it obfuscates IP and MAC addresses even, so configs it produces are certainly safe to share on public forums and channels, but their debugging value is limited.
The implementation also uses regexes so it's prone to false positives and it's impossible to tell from the code which exact config paths it redacts.
We should rework it to leave more decisions to the user and to make its obfuscation logic clearer.