Show HN: Prompt Armour — Real-time PII detection for AI chatbots, 100% local: https://prompt-armour.vercel.app/
They claim redaction in ~0.2s. If your agents call external LLMs, a pre-flight PII filter is the minimum. Test it; don’t assume perfection.
My priority order when hardening prompts: deterministic rules first (AWS keys: AKIA[0-9A-Z]{16}; SSN: \b\d{3}-\d{2}-\d{4}\b; credit card: \b(?:\d[ -]*?){13,16}\b), then lightweight NER (spaCy small or Distil models) for names/addresses.
Practical pipeline: pre-flight rules → redact/hash matched spans → run NER on remaining text → attach structured audit metadata → hold-for-human if sensitive. Rules = ms, NER = ~10–200ms depending on model/CPU. Keep the fast path cheap.
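A sketch of the deterministic stage of that pipeline, added here as an example (not code from Prompt Armour or from the original post). It uses the three regexes above; the NER pass is left out, and the Luhn filter on card matches, the truncated HMAC tag, the audit record fields and the HOLD_LABELS policy are assumptions of this example.

```python
import hashlib
import hmac
import re

# Patterns quoted from the post; the labels are this example's own.
RULES = [
    ("aws_access_key", re.compile(r"AKIA[0-9A-Z]{16}")),
    ("ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("credit_card", re.compile(r"\b(?:\d[ -]*?){13,16}\b")),
]
HOLD_LABELS = {"ssn", "credit_card"}  # assumed policy: these go to a human


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to drop digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def preflight(text: str, audit_key: bytes):
    """Return (redacted_text, audit_records, hold_for_human)."""
    hits = []
    for label, rx in RULES:
        for m in rx.finditer(text):
            if label == "credit_card" and not luhn_ok(re.sub(r"\D", "", m.group())):
                continue  # e.g. an order number that merely looks like a card
            hits.append((m.start(), m.end(), label))
    hits.sort()
    out, audit, pos = [], [], 0
    for start, end, label in hits:
        if start < pos:  # overlaps a span that was already redacted
            continue
        raw = text[start:end]
        # Keyed HMAC: a bare hash of a 9-digit SSN is trivially brute-forced.
        tag = hmac.new(audit_key, raw.encode(), hashlib.sha256).hexdigest()[:12]
        out.append(text[pos:start] + f"[{label}:{tag}]")
        audit.append({"label": label, "span": (start, end), "hmac": tag})
        pos = end
    out.append(text[pos:])
    return "".join(out), audit, any(a["label"] in HOLD_LABELS for a in audit)


# Constructed sample: AWS's documented example key, a test card number, fake SSN.
SAMPLE = ("Key AKIAIOSFODNN7EXAMPLE, SSN 123-45-6789, "
          "card 4111 1111 1111 1111, order 1234567890123.")
```

The audit records carry only the label, offsets and keyed tag, so a reviewer can see what fired and whether the same value recurs without the raw value being written to the log.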
Takeaway: 100% local detection lowers token-leak risk but introduces false positives and context loss. For legal/finance, require human approval and BYOK (bring-your-own-key). How do you surface false positives to reviewers without re-exposing secrets?