Skip to main content

PII Filtering

Autrace scans every prompt and response for Personally Identifiable Information before it reaches the LLM or is stored in logs.

What's detected​

TypeExampleStored as
Emailuser@domain.com[EMAIL_REDACTED]
US SSN123-45-6789[SSN_REDACTED]
Credit card4111 1111 1111 1111[CREDIT_CARD_REDACTED]
Phone number+1 (555) 123-4567[PHONE_REDACTED]
IP address192.168.1.1[IP_REDACTED]
AWS keyAKIA...[AWS_KEY_REDACTED]

Default behavior​

PII is redacted (replaced with a placeholder) before forwarding to the LLM and before storing in the audit log.

The original prompt is never stored.

Configuration​

In Dashboard → Rules, you can create PII rules to change the action:

ActionWhat happens
redactReplace with placeholder (default)
blockReject the request with 403
logPass through but log the detection

Testing​

curl https://gateway.autraceai.com/v1/chat/completions \
-H "Authorization: Bearer aut_live_YOUR_KEY" \
-d '{"model":"openai/gpt-5.5","messages":[{"role":"user","content":"My SSN is 123-45-6789"}]}'

Check Dashboard → Logs — the stored prompt shows [SSN_REDACTED].