Summary
The agent already extracts prompt text from outbound LLM requests, but there is no mechanism to detect or mask sensitive data (PII, credentials, etc.) in that content before it reaches the LLM provider.
Proposed direction
- scan extracted prompt content for PII (names, emails, phone numbers, etc.)
- mask or anonymize before the request is forwarded
What to clarify
- which PII categories to cover initially
- how much extra latency is acceptable
If this does not match the intended direction, please leave comments to clarify. Thanks :)
Summary
The agent already extracts prompt text from outbound LLM requests, but there is no mechanism to detect or mask sensitive data (PII, credentials, etc.) in that content before it reaches the LLM provider.
Proposed direction
What to clarify
If this does not match the intended direction, please leave comments to clarify. Thanks :)