You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Local Veil engine with L1 detection, conflict resolution, deterministic reversible PAIArtVeil_ tokenization, scoped restore state, and fail-closed policy validation.
Public SDK text, provider-native wire, and stream restore surfaces.
Standalone loopback proxy for Anthropic Messages / Claude Code, live-accepted on
2026-06-17 against real Claude Code traffic.
OpenAI Responses provider path for Codex CLI with offline verification, sanitized
fixtures, and local Codex CLI Responses live acceptance as the v0.1.0 OpenAI Responses
protocol evidence. A separate direct api.openai.com official-service run is not
claimed.
Maintained examples/embed SDK reference integration outside the standalone proxy.
Local JSON policy file support for token, ignore, and block, with strict
fail-closed validation for unknown keys, reserved operators, and non-empty rule_sets.
Release documentation: deployment guide, Claude Code guide, Codex guide, SDK API
reference, security policy, and contribution guide.
Release hardening: unsupported proxy endpoints fail closed before upstream egress, and
Anthropic protected text/tool-I/O request-shape drift fails closed instead of silently
forwarding unchecked plaintext-bearing blocks. Opaque media/document payloads and
provider thinking/control traces remain outside the v0.1.0 de-identification surface.
Codex live acceptance: Codex CLI 0.140.0 passed a controlled Responses-wire run through
Veil with a Responses-compatible upstream. This is the v0.1.0 OpenAI Responses
protocol evidence.
CLI policy startup: fixed the no-policy-file path so veil proxy actually uses the
built-in default policy instead of passing a typed nil local provider into the engine.
Multi-platform release automation: local scripts and a tag-triggered GitHub Release
workflow build darwin/linux/windows amd64/arm64 binaries with SHA-256 checksums, race
tests, and release notes sliced to the current changelog section.
End-user install paths: curl and PowerShell installers, npm package distribution, and
Homebrew formula generation/publishing backed by the same GitHub Release checksums.
Security
Hardened L1 secret suppressors so provider-prefixed credentials in *_id fields,
dash-spelled AWS Secret-Access-Key headers, and secret-looking hex values in strong
secret contexts are not dropped by generic false-positive suppressors.
Made outbound masking idempotent for existing PAIArtVeil_ tokens so residual or orphan tokens
from earlier turns are not wrapped into nested tokens on a later provider-bound request.
Masked hex-only credential values in api_key, apikey, token, and related strong
secret contexts instead of suppressing them as generic hashes.
Restored the longest store-resident PAIArtVeil_ token prefix when a token is
immediately followed by additional lowercase hex, and made later outbound masking treat
the extra hex suffix as new SECRET text instead of hiding it inside the token guard.
Hardened fabricated or unknown PAIArtVeil_ token-shaped prefixes followed by substantial
lowercase hex so the adjacent hex suffix is masked instead of passing through as plain
text.
Suppressed code-reference false positives such as process.env.API_KEY, config.get(...), and parseToken(...) without regressing real secret detection.
Rejected local policy files whose effective operator coverage ignores every supported
sensitive type.
Tightened OpenAI Responses request handling: string prompt.variables values are masked,
while non-string prompt variables, input_image, and input_file fail closed until
explicit file/image payload handling exists.
Escaped provider JSON path keys containing backslashes before applying masked values in
OpenAI Responses and Anthropic provider walkers.
Reserved / planned
OpenAI Chat, Gemini, remote MCP egress classification, L2 default-on semantic PII,
HTTP/gRPC service, local web console, redact, format_preserving, and configurable
rule packs remain planned or reserved.
A separate direct api.openai.com official-service end-to-end run is not part of the
v0.1.0 release gate and is not claimed.
