Currently, there's no publically available list of items that are gathered by the Support Tool (SST). Generally speaking, it's registry information, event viewer information, logs and .dat files that are specifically related to areas our software "touches". As an example, we may gather the information from HKEY_LOCAL_MACHINE\SOFTWARE, but we don't gather sub-keys unless we're going to be in them...so HKLM\SOFTWARE\Yahoo may show up in an SST, but nothing in that key (or sub-keys) unless there's a specific part of our software that plugs into it...which, there isn't.
If you have specific concerns about sensative information, speak with your support representative or your sales rep about it.
One thing to note, however...do *not* try to sanitize data inside an .sdbz file. Customers have accessed the contents of these files in the past and stripped out data they felt was sensative, and because of this, the file isn't able to be opened, and isn't useful to support.