README.md

June 29, 2026 · View on GitHub

PasteGuard

CI License Release

AI gets the context. Not your private data.
PasteGuard masks PII and secrets before they reach ChatGPT, Claude, Gemini, your API provider, Codex, or Claude Code.

Browser Chat · Apps & APIs · Coding Agents · Documentation


PasteGuard masks names, emails, and API keys before they reach AI

You keep the originals. Providers see placeholders.
Run it locally or self-host it in your own infrastructure.

What PasteGuard Protects

PasteGuard is a local-first privacy layer for teams that cannot send raw client data, customer records, logs, credentials, or production details directly to model providers.

It works in three places:

Browser Chat

ChatGPT, Claude, and Gemini. Paste customer notes, contracts, support tickets, candidate details, or internal context without sending the raw private values to the chat provider. You see the originals; the AI sees placeholders.

The experimental browser extension is available for ChatGPT, Claude, and Gemini.

Install the extension → · Chat docs →

Apps & APIs

Apps, SDKs, and internal AI products. Point your application to PasteGuard instead of the provider directly.

Change one base URL. PasteGuard masks the request, forwards it to the configured provider, and restores supported placeholders in the response.

Apps & APIs docs

Coding Agents

Codex, Claude Code, Cursor, Windsurf, Copilot, and other coding agents. Agent prompts often include logs, stack traces, tickets, config files, test fixtures, and codebase context. PasteGuard masks secrets and PII before that context leaves your machine.

Coding Agents docs

Built For Strict Privacy Rules

PasteGuard is a privacy control point before AI providers. It can support regulated workflows, but it does not replace your legal, security, or compliance program.

Use it when your current options are:

  • Do not use cloud AI for sensitive work
  • Redact client or production data manually
  • Switch to a local model even when a cloud provider would give better results
  • Build one-off masking code inside every app

Quick Start

Run PasteGuard as a local proxy:

docker run --rm -p 3000:3000 ghcr.io/sgasser/pasteguard:latest

Open localhost:3000 for the dashboard.

Point your app or agent to PasteGuard instead of the provider:

TargetPasteGuard URLOriginal URL
OpenAIhttp://localhost:3000/openai/v1https://api.openai.com/v1
Anthropichttp://localhost:3000/anthropichttps://api.anthropic.com
Codex CLIhttp://localhost:3000/codexhttps://chatgpt.com/backend-api/codex
from openai import OpenAI

client = OpenAI(base_url="http://localhost:3000/openai/v1")

For custom config, persistent logs, Docker Compose, or detector settings: Read the docs.

Privacy Modes

Mask Mode

Mask Mode replaces PII and secrets with placeholders before sending the request to the upstream AI provider. Supported responses are restored before they return to the user.

Route Mode

Route Mode sends requests containing sensitive data to a local LLM such as Ollama, vLLM, or llama.cpp. Requests without sensitive data can still go to the configured cloud provider.

Route Mode docs

What It Catches

Personal data: Names, locations, emails, phone numbers, credit cards, IBANs, IP addresses, and EU VAT numbers. Detection is multilingual.

Secrets: API keys for providers such as OpenAI, Anthropic, Stripe, AWS, and GitHub; SSH and PEM private keys; JWT tokens; bearer tokens; passwords; and connection strings.

Both are detected and masked in real time, including streaming responses.

Dashboard

Every request is logged with masking details. See what was detected, what was masked, and what reached the provider.

PasteGuard Dashboard

localhost:3000

How Detection Works

Detection runs as a separate service that PasteGuard calls over HTTP, so you can run it wherever you like. It combines deterministic checks and checksums for structured values with a small AI model (GLiNER) for names and places.

Code, Docker image, and tests are in detector/.

Tech Stack

Bun · Hono · GLiNER + python-stdnum (detector/) · SQLite or Postgres

Contributing

See CONTRIBUTING.md for guidelines on how to contribute.

License

Apache 2.0