pyveil v0.1.0
pyveil v0.1.0
Redact secrets before your AI agent sees them.
pyveil is agent-native redaction middleware for prompts, tool calls, MCP resources, logs, traces, and memory. v0.1.0 focuses on a tiny standard-library core, high-precision detectors, stable HMAC placeholders, channel-aware policy, and agent-readable docs.
Highlights
- Agent-native channels:
prompt.input,prompt.output,tool.call.arguments,tool.call.result,mcp.resource.content,memory.write,trace.span.attributes, andlog.record - Public API:
Veil.high(),Veil.low(),redact_text(),redact_data(),Policy,Finding,RedactionResult - Stable placeholders:
[TYPE:12hexchars]from HMAC-SHA256 with caller-provided secret and scope - High-precision detectors: email, phone, credit card with Luhn, JWT, auth headers, private key blocks, provider API-key prefixes, URL query secrets, and structured key-value secrets
- Structured redaction for dict/list/JSON payloads while preserving shape
- CLI:
pyveil redact,pyveil scan,pyveil init,pyveil test-config - Agent-facing docs:
AGENTS.md,llms.txt, threat model, known limitations, detector provenance, and integration examples
Guides
- English usage guide: see attached
pyveil-usage-guide-en.mp4 - Korean usage guide: see attached
pyveil-usage-guide-ko.mp4
Safety Notes
pyveil does not store raw sensitive values in findings by default. It is not a DLP suite, compliance guarantee, prompt-injection firewall, secret-scanning replacement, or reversible vault.
Verification
ruff check .mypy pyveil testspytest: 34 passed, 91% coverage- Python 3.8 through 3.14 compatibility matrix passed locally
- sdist/wheel build and
twine checkpassed - isolated wheel import and CLI smoke tests passed