The latest articles on DEV Community by Raihan Kabir (@raaihank). https://dev.to/raaihank https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3472327%2F3e5a05a8-8fcc-45ce-8eea-b5378a974762.png https://dev.to/raaihank en Raihan Kabir Mon, 01 Sep 2025 06:26:02 +0000 https://dev.to/raaihank/llm-sentinel-shield-your-ai-calls-from-leaking-secrets-39k4 https://dev.to/raaihank/llm-sentinel-shield-your-ai-calls-from-leaking-secrets-39k4 <p>Every day, API keys, tokens, emails, and DB URLs slip into prompts, logs, or demos. Once they hit the LLM, they’re out of your control.</p> <p>I built LLM-Sentinel, a privacy-first proxy that:</p> <ul> <li><p>Intercepts requests to OpenAI, Ollama, Claude, etc.</p></li> <li><p>Masks 52 types of sensitive data (API keys, creds, emails, credit cards, SSNs).</p></li> <li><p>Works with streaming, adds no noticeable latency (1-3ms).</p></li> <li><p>Comes with a real-time dashboard to watch what’s being masked.</p></li> <li><p>Zero data retention. All secrets stay local.</p></li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3hpc9hsw0qttds42vmxi.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3hpc9hsw0qttds42vmxi.png" alt="LLM Sentinel Architecture" width="800" height="385"></a></p> <p>How it works:<br> Swap your SDK base URL:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">client</span> <span class="o">=</span> <span class="n">openai</span><span class="p">.</span><span class="nc">OpenAI</span><span class="p">(</span> <span class="n">api_key</span><span class="o">=</span><span class="sh">"</span><span class="s">sk-...</span><span class="sh">"</span><span class="p">,</span> <span class="n">base_url</span><span class="o">=</span><span class="sh">"</span><span class="s">http://localhost:5050/openai/v1</span><span class="sh">"</span> <span class="p">)</span> <span class="c1"># Input: My AWS key is AKIA... and email user@company.com # Model sees: My AWS key is [AWS_ACCESS_KEY_MASKED] and email [EMAIL_MASKED]. </span></code></pre> </div> <p>Install:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-g</span> llm-sentinel llmsentinel <span class="nb">help</span> </code></pre> </div> <p>or run via Docker:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker pull raaihank/llm-sentinel:latest docker run <span class="nt">-p</span> 5050:5050 raaihank/llm-sentinel:latest </code></pre> </div> <p>Repo: <a href="https://www.github.com/raaihank/llm-sentinel" rel="noopener noreferrer">github.com/raaihank/llm-sentinel</a></p> <p>Feedback and contributions welcome. If you find this useful, drop a ⭐ on GitHub.</p>