TRCAA
Trust

PII Detection

What gets redacted before data ever leaves your machine.

No text reaches an AI provider without going through detection and your explicit approval first. This isn't a setting to enable — it's the only path data can take out of the app.

log file → detect_pii() → you approve each span → apply_redactions() → AI provider

What gets detected

TypeReplaced with
URLs with embedded credentials[URL]
Bearer tokens[Bearer]
API keys / access tokens[ApiKey]
Passwords[Password]
Social security numbers[SSN]
Credit card numbers (Visa/MC/Amex/Discover/JCB/Diners)[CreditCard]
Email addresses[Email]
MAC addresses[MAC]
IPv4 / IPv6 addresses[IPv4] / [IPv6]
Phone numbers[Phone]
Internal hostnames / FQDNs[Hostname]

Overlapping matches

When two patterns match the same text, the longer match wins — so, for example, a full credentialed URL is redacted as one unit rather than leaving fragments of the embedded password exposed.

You approve every span

Detected spans are shown in a before/after diff. Nothing is sent until you approve it — reject any span you don't want redacted-and-sent, or don't want sent at all.

The original, unredacted text never leaves your machine. Only the redacted version is transmitted, and its SHA-256 hash is recorded in the audit log — so you can later verify exactly what was sent, without the raw sensitive values ever being stored longer than necessary.

Why this matters for public safety / critical infra

  • Incident logs routinely contain internal hostnames, IPs, and credentials — exactly the material that shouldn't leave a secure network unreviewed
  • Detection runs locally, in Rust, before any network call is even attempted
  • Works identically whether you're on a cloud AI provider or fully offline via Ollama