privacy-filter  by packyme

LLM privacy gateway for PII and secret redaction

Created 1 month ago
289 stars

Top 90.8% on SourcePulse

GitHubView on GitHub
Project Summary

This project provides a high-performance, privacy-focused gateway component for LLM applications. It addresses the critical need to automatically redact Personally Identifiable Information (PII) and sensitive secrets from user input before it reaches large language models, ensuring compliance and data security. Designed for developers building LLM-powered services, it offers millisecond latency and a single static binary deployment, minimizing operational overhead.

How It Works

The filter operates using a pure Go implementation, eschewing external models, GPUs, or CGO for maximum efficiency and portability. It employs a two-layer detection strategy: structured PII (emails, phones, IDs, bank cards, IPs) via regex, and secrets/credentials (API keys, tokens, passwords) using a `gitleaks` ruleset combined with contextual regex and a Shannon-entropy fallback. Detected entities are processed into merged, de-overlapped spans, and the text is rebuilt with typed, irreversible placeholders. This approach guarantees millisecond latency and avoids the performance pitfalls of traditional NER models.

Quick Start & Requirements

The project can be integrated as a core Go package (`import "privacyfilter/filter"`) for direct use within gateways, or deployed as standalone HTTP (`cmd/http`) or gRPC (`cmd/grpc`) services. Building the services requires the Go toolchain. The core package depends only on `BurntSushi/toml`. A `Dockerfile` is included for containerized deployments. The `gitleaks.toml` ruleset can be provided or a built-in fallback used.

Highlighted Details

  • Millisecond latency on text of any length.
  • Production-ready, used by PackyCode.
  • Single static binary deployment, no external dependencies beyond Go.
  • Linear-time Go regex engine (RE2) prevents ReDoS vulnerabilities.
  • Dual-layer detection for comprehensive PII and secret redaction.

Maintenance & Community

The README does not provide specific details on maintainers, community channels (e.g., Discord, Slack), or a public roadmap.

Licensing & Compatibility

The project's license is not explicitly stated in the README. This omission requires clarification for assessing commercial use compatibility or understanding any copyleft implications.

Limitations & Caveats

The filter does not perform Named Entity Recognition (NER) for person, place, or organization names, as this requires slower models. The entropy fallback mechanism may occasionally flag legitimate high-entropy strings; tuning the threshold or using an allowlist is advised. For HTTP/gRPC deployments, implementing timeouts (150-300ms) and a fail-closed strategy on errors is recommended to prevent raw data leakage.

Health Check
Last Commit

1 month ago

Responsiveness

Inactive

Pull Requests (30d)
0
Issues (30d)
0
Star History
76 stars in the last 30 days

Explore Similar Projects

Feedback? Help us improve.