Skip to main content

PII Anonymization

The PiiGuard scrubs personally identifiable information from messages before they reach the LLM, preventing accidental PII exposure in model interactions.

Configuration

import { PiiGuard } from "@radaros/core";

const guard = new PiiGuard({
  builtIn: ["email", "phone", "ssn", "creditCard"],
  action: "placeholder", // "redact" | "hash" | "placeholder"
  rehydrate: true,       // restore PII in final output
});

Built-in PII Types

TypePattern
emailStandard email addresses
phoneUS phone numbers (with optional country code)
ssnSocial Security Numbers (XXX-XX-XXXX)
creditCardCredit card numbers (XXXX-XXXX-XXXX-XXXX)
ipAddressIPv4 addresses
nameTwo-word proper names (Capitalized)

Actions

ActionExample InputExample Output
placeholderjohn@example.com[EMAIL_1]
redactjohn@example.com[REDACTED]
hashjohn@example.com[HASH_a1b2c3d4]

Integration

As a beforeLLMCall hook (scrubs every roundtrip)

const agent = new Agent({
  name: "safe-bot",
  model: openai("gpt-4o"),
  loopHooks: {
    beforeLLMCall: guard.toBeforeLLMCallHook(),
    afterToolExec: guard.toAfterToolExecHook(),
  },
});

As an Input Guardrail

const agent = new Agent({
  name: "safe-bot",
  model: openai("gpt-4o"),
  guardrails: {
    input: [guard.toInputGuardrail()],
  },
});

Custom Patterns

const guard = new PiiGuard({
  patterns: [
    { name: "employee_id", regex: /EMP-\d{6}/g },
    { name: "project_code", regex: /PRJ-[A-Z]{3}-\d{4}/g },
  ],
  action: "placeholder",
});

Rehydration

When rehydrate: true, the guard maintains a mapping of placeholders to original values. Call guard.rehydrate(text) on the final output to restore PII before returning to the user.