PII redaction
Strip emails, phones, SSNs, and API keys from messages before they reach the model or get written to logs.
User messages, tool results, and memory retrieval can all carry sensitive data you never intended to send to a third-party API. createPIIRedactor intercepts that text before it leaves your process and replaces matched patterns with labeled placeholders.
```js
import { createPIIRedactor, DEFAULT_PII_RULES } from '@agentskit/core/security'

const redactor = createPIIRedactor({ rules: DEFAULT_PII_RULES })
const clean = redactor.redact('Ping me at ada@example.com, SSN 123-45-6789')
// => 'Ping me at [EMAIL], SSN [SSN]'
```

#Built-in rules
EMAIL · PHONE · SSN · CREDIT_CARD · IPV4 · IPV6 · API_KEY_PREFIX · AWS_ACCESS_KEY_ID.
#Custom rules
```js
createPIIRedactor({
  rules: [
    ...DEFAULT_PII_RULES,
    { name: 'ORG_ID', pattern: /org_[a-zA-Z0-9]{16}/g, replacement: '[ORG]' },
  ],
})
```

#Pipeline integration
Attach the redactor as an observer to redact events, or pre-process user input before calling chat.send.
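The ORG_ID pattern in the Custom rules section has no boundary anchors, so a token longer than 16 characters is only partly replaced and its tail still reaches the model or the log. The added example below is not AgentsKit code: `redactWith`, `longestLeak`, `auditRules`, the stricter pattern, and the sample IDs are assumptions made for illustration. It audits a rule set against constructed samples and reports any fragment of a secret that survives redaction.

```javascript
// Stand-in written for this example: applies { name, pattern, replacement }
// rules in order. It is not AgentsKit's implementation.
function redactWith(rules, text) {
  return rules.reduce((out, rule) => out.replace(rule.pattern, rule.replacement), text)
}

// Longest fragment of `secret` (at least minLen chars) still present in `redacted`.
function longestLeak(secret, redacted, minLen = 4) {
  for (let len = secret.length; len >= minLen; len--) {
    for (let i = 0; i + len <= secret.length; i++) {
      const frag = secret.slice(i, i + len)
      if (redacted.includes(frag)) return frag
    }
  }
  return ''
}

// Redact every sample and keep only those where part of the secret survives.
function auditRules(rules, samples) {
  return samples
    .map(({ text, secret }) => {
      const redacted = redactWith(rules, text)
      return { text, redacted, leak: longestLeak(secret, redacted) }
    })
    .filter((result) => result.leak !== '')
}

// Rule exactly as shown in the Custom rules section.
const ORG_ID_PAGE = { name: 'ORG_ID', pattern: /org_[a-zA-Z0-9]{16}/g, replacement: '[ORG]' }
// Assumed stricter variant: word boundaries plus an open-ended length, so a
// longer identifier is replaced whole instead of truncated.
const ORG_ID_BOUNDED = { name: 'ORG_ID', pattern: /\borg_[a-zA-Z0-9]{16,}\b/g, replacement: '[ORG]' }

// Constructed samples: one 16-character ID and one 20-character ID.
const SAMPLES = [
  { text: 'tenant org_A1b2C3d4E5f6G7h8 is over quota', secret: 'org_A1b2C3d4E5f6G7h8' },
  { text: 'tenant org_A1b2C3d4E5f6G7h8Zz99 is over quota', secret: 'org_A1b2C3d4E5f6G7h8Zz99' },
]

console.log(auditRules([ORG_ID_PAGE], SAMPLES))    // one finding: leak 'Zz99'
console.log(auditRules([ORG_ID_BOUNDED], SAMPLES)) // no findings
```

Running the same audit in CI with samples that match your real identifier formats catches a rule that under-matches before it ships.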
#Related
- Security
Six primitives for production agents: PII redaction, injection detection, rate limiting, audit log, sandbox enforcement, and HITL approvals.
- Prompt injection
Detect instruction-hijacking patterns in user input, tool results, and RAG chunks before they reach the model.
- Input validation
Schema validation of tool inputs and user messages: zod, JSON Schema, prompt injection, length limits, and allowlists.