Skip to content

pyveil v0.1.0

Choose a tag to compare

@hyeonsangjeon hyeonsangjeon released this 27 Jun 10:58

pyveil v0.1.0

Redact secrets before your AI agent sees them.

pyveil is agent-native redaction middleware for prompts, tool calls, MCP resources, logs, traces, and memory. v0.1.0 focuses on a tiny standard-library core, high-precision detectors, stable HMAC placeholders, channel-aware policy, and agent-readable docs.

Highlights

  • Agent-native channels: prompt.input, prompt.output, tool.call.arguments, tool.call.result, mcp.resource.content, memory.write, trace.span.attributes, and log.record
  • Public API: Veil.high(), Veil.low(), redact_text(), redact_data(), Policy, Finding, RedactionResult
  • Stable placeholders: [TYPE:12hexchars] from HMAC-SHA256 with caller-provided secret and scope
  • High-precision detectors: email, phone, credit card with Luhn, JWT, auth headers, private key blocks, provider API-key prefixes, URL query secrets, and structured key-value secrets
  • Structured redaction for dict/list/JSON payloads while preserving shape
  • CLI: pyveil redact, pyveil scan, pyveil init, pyveil test-config
  • Agent-facing docs: AGENTS.md, llms.txt, threat model, known limitations, detector provenance, and integration examples

Guides

  • English usage guide: see attached pyveil-usage-guide-en.mp4
  • Korean usage guide: see attached pyveil-usage-guide-ko.mp4

Safety Notes

pyveil does not store raw sensitive values in findings by default. It is not a DLP suite, compliance guarantee, prompt-injection firewall, secret-scanning replacement, or reversible vault.

Verification

  • ruff check .
  • mypy pyveil tests
  • pytest: 34 passed, 91% coverage
  • Python 3.8 through 3.14 compatibility matrix passed locally
  • sdist/wheel build and twine check passed
  • isolated wheel import and CLI smoke tests passed