Quick Summary: ๐
PasteGuard is an OpenAI-compatible proxy that protects sensitive data by masking Personally Identifiable Information (PII) and secrets before they are sent to external LLM APIs. It offers two modes: Mask Mode for replacing data with placeholders and Route Mode for directing sensitive requests to local LLMs, ensuring data privacy.
Key Takeaways: ๐ก
โ PasteGuard is an OpenAI-compatible proxy, allowing integration simply by changing the API base URL in existing applications.
โ It masks a wide array of PII (names, emails, credit cards) and critical secrets (API keys, tokens) before they are sent to external LLM providers.
โ Supports both real-time streaming unmasking and PII detection across 24 different languages.
โ Route Mode allows developers to automatically send PII-heavy requests to local, self-hosted LLMs while routing general queries externally.
โ Being self-hosted and open-source (Apache 2.0), PasteGuard guarantees that your data protection logic remains entirely within your network and control.
Project Statistics: ๐
- โญ Stars: 397
- ๐ด Forks: 14
- โ Open Issues: 2
Tech Stack: ๐ป
- โ TypeScript
Every time your application uses an external Large Language Model, like GPT-4, you are essentially sending all your input dataโincluding sensitive customer names, emails, and internal business secretsโto a third-party server. For organizations dealing with strict privacy regulations or proprietary data, this is a massive compliance headache and a major security risk. We all love the power of LLMs, but we simply cannot afford to leak Personal Identifiable Information (PII) just to use them. This fundamental conflict between utility and privacy is the core problem PasteGuard solves.
This is where PasteGuard steps in as your essential privacy guardian. Think of it as a transparent filter sitting right in the middle of your LLM workflow. PasteGuard is an open-source, self-hosted, and fully OpenAI-compatible proxy. This means integrating it into your existing stack is incredibly simple: you just change the API URL in your code, and suddenly, you have a robust defense system protecting your data before it ever touches the external network. It acts as a gatekeeper, ensuring only sanitized data leaves your infrastructure.
PasteGuard offers two powerful modes, but the most straightforward is Mask Mode. When your application sends a prompt, PasteGuard instantly scans it for sensitive identifiersโnames, credit card numbers, API keys, and more, supporting detection across 24 languages. It replaces this sensitive data with generic placeholders, like [[PERSON_1]] or [[EMAIL_ADDRESS_1]]. The LLM processes this sanitized prompt, returns a response using the placeholders, and PasteGuard intelligently swaps the original sensitive data back in before delivering the clean, unmasked response to your application. The external LLM provider never sees the real PII, ensuring your compliance boundaries are respected.
For ultimate control and zero-trust environments, PasteGuard also offers Route Mode. If a request contains highly sensitive information that you absolutely cannot send externally, you can configure PasteGuard to automatically reroute that specific request to a local, self-hosted LLM instance (such as an instance running on Ollama or vLLM). All non-sensitive requests continue to your external provider. This provides a dynamic, smart routing layer that ensures your most critical data never leaves your infrastructure, while still leveraging powerful cloud models for general tasks. Developers benefit hugely from the built-in detection of infrastructure secrets, like API keys, tokens, and private keys, preventing accidental exposure in logs or prompts.
The developer experience is seamless because PasteGuard maintains full compatibility with the OpenAI API structure. You don't need to rewrite your LangChain, LlamaIndex, or custom SDK code. It even handles streaming responses in real-time, unmasking tokens as they arrive without introducing noticeable latency. Plus, the included web dashboard gives you real-time visibility into every request, showing you exactly what was protected and how, offering crucial transparency and auditability for security teams. This project is a must-have for any serious production environment utilizing third-party LLMs, making privacy protection easy and automatic.
Learn More: ๐
๐ Stay Connected with GitHub Open Source!
๐ฑ Join us on Telegram
Get daily updates on the best open-source projects
GitHub Open Source๐ฅ Follow us on Facebook
Connect with our community and never miss a discovery
GitHub Open Source
Top comments (0)