Skip to content

KikuAI-Lab/masker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
.github
.github
 
 
app
app
 
 
demo
demo
 
 
docs
docs
 
 
examples
examples
 
 
monitoring
monitoring
 
 
policies
policies
 
 
tests
tests
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Masker-logo.png
Masker-logo.png
 
 
RAPIDAPI.md
RAPIDAPI.md
 
 
RAPIDAPI_DOCS.md
RAPIDAPI_DOCS.md
 
 
RAPIDAPI_LISTING.md
RAPIDAPI_LISTING.md
 
 
RAPIDAPI_README.md
RAPIDAPI_README.md
 
 
README.md
README.md
 
 
SUPPORT.md
SUPPORT.md
 
 
TERMS.md
TERMS.md
 
 
docker-compose.prod.yml
docker-compose.prod.yml
 
 
docker-compose.yml
docker-compose.yml
 
 
masker.postman_collection.json
masker.postman_collection.json
 
 
openapi.json
openapi.json
 
 
openapi.rapidapi.yaml
openapi.rapidapi.yaml
 
 
pyproject.toml
pyproject.toml
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

image

Masker

Python 3.11+ FastAPI spaCy License: AGPL-3.0 Docker

PII redaction API for LLMs. Remove personal data before sending to ChatGPT, Claude, or any AI.

What it does

Input:  "Contact John Doe at john@example.com"
Output: "Contact <PERSON> at <EMAIL>"

Masker detects and redacts:

  • EMAIL — email addresses
  • PHONE — phone numbers
  • CARD — credit card numbers
  • PERSON — person names (AI-powered)

Quick Start

docker run -p 8000:8000 ghcr.io/kikuai-lab/masker
curl -X POST http://localhost:8000/v1/redact \
  -H "Content-Type: application/json" \
  -d '{"text": "Email me at john@example.com", "mode": "placeholder"}'

LLM Proxy (OpenAI-compatible)

Drop-in replacement for /v1/chat/completions that automatically redacts PII:

import openai

client = openai.OpenAI(
    base_url="http://localhost:8000/v1",
    api_key="your-openai-key",
    default_headers={"X-Api-Key": "your-masker-key"}
)

response = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "My email is john@example.com"}]
)
# PII redacted before reaching OpenAI

Features

  • Text & JSON — process plain text or nested JSON
  • Policy system — configure mask/drop/placeholder per PII type
  • Audit logging — JSONL logs without storing raw text
  • Fail modesclosed (block) or open (pass-through)
  • Multi-tenant — API key authentication
  • Multi-language — English & Russian NER

Installation

git clone https://github.com/KikuAI-Lab/masker.git
cd masker
cp .env.example .env
docker-compose up -d

Configuration

MASKER_API_KEYS=sk-key1:tenant1,sk-key2:tenant2
MASKER_UPSTREAM_URL=https://api.openai.com/v1/chat/completions
MASKER_DEFAULT_FAIL_MODE=closed

See .env.example for all options.

Documentation

📖 Wiki — full documentation

API

Endpoint Description
POST /v1/redact Redact PII from text or JSON
POST /v1/chat/completions OpenAI-compatible proxy
GET /health Health check
GET /metrics Prometheus metrics

Security & Architecture


Stateless by Design. Masker is a firewall, not a storage bucket.

  • Zero Data Retention — Payloads are processed in RAM and forgotten instantly.
  • Local Intelligence — No 3rd party API calls. All ML runs on your CPU.
  • Air-Gapped Logic — Container requires no internet access to function.

📖 Read about our Stateless Architecture to understand how we guarantee data privacy.

License

AGPL-3.0 — KikuAI OÜ

About

Masker - PII Redaction API for LLMs. Remove personal data before sending to ChatGPT, Claude, etc.

kikuai-lab.github.io/masker/

Topics

python privacy openai compliance gdpr pii data-anonymization fastapi pii-detection pii-redaction llm chatgpt

Resources

Readme

License

AGPL-3.0 license

Contributing

Contributing
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Contributors 3

Languages