PyPI - ClawGuard-PII - Versions diffs - 0.1.0__tar.gz - Mend

ClawGuard-PII 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

clawguard_pii-0.1.0/PKG-INFO +12 -0
clawguard_pii-0.1.0/README.md +57 -0
clawguard_pii-0.1.0/pyproject.toml +30 -0
clawguard_pii-0.1.0/setup.cfg +4 -0
clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/PKG-INFO +12 -0
clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/SOURCES.txt +14 -0
clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/dependency_links.txt +1 -0
clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/entry_points.txt +2 -0
clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/requires.txt +7 -0
clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/top_level.txt +1 -0
clawguard_pii-0.1.0/src/clawguard/__init__.py +3 -0
clawguard_pii-0.1.0/src/clawguard/cli.py +15 -0
clawguard_pii-0.1.0/src/clawguard/redactor.py +90 -0
clawguard_pii-0.1.0/src/clawguard/server.py +102 -0
clawguard_pii-0.1.0/tests/test_redactor.py +189 -0
clawguard_pii-0.1.0/tests/test_server.py +207 -0

clawguard_pii-0.1.0/PKG-INFO ADDED Viewed

@@ -0,0 +1,12 @@
+Metadata-Version: 2.4
+Name: ClawGuard-PII
+Version: 0.1.0
+Summary: Local PII redaction service for OpenClaw using nvidia/gliner-PII
+License-Expression: Apache-2.0
+Requires-Python: >=3.10
+Requires-Dist: gliner>=0.2.0
+Requires-Dist: fastapi>=0.111.0
+Requires-Dist: uvicorn[standard]>=0.30.0
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0.0; extra == "dev"
+Requires-Dist: httpx>=0.27.0; extra == "dev"

clawguard_pii-0.1.0/README.md ADDED Viewed

@@ -0,0 +1,57 @@
+# ClawGuard
+Local PII redaction server for [OpenClaw](https://openclaw.ai). Runs entirely on-device using [`nvidia/gliner-PII`](https://huggingface.co/nvidia/gliner-PII) — no data leaves your machine.
+Designed for use with the [pii-redactor](https://clawhub.com/skills/pii-redactor) OpenClaw skill.
+## Requirements
+- Python 3.10+
+## Install
+```bash
+  pip install clawguard
+```
+## Quickstart
+1. Generate a token:
+```bash
+  python3 -c "import secrets; print(secrets.token_hex(32))"
+```
+2. Start the server:
+```bash
+  CLAWGUARD_TOKEN=<your-token> clawguard serve
+```
+3. Set env vars in your agent:
+```
+  CLAWGUARD_URL=http://localhost:8000
+  CLAWGUARD_TOKEN=<your-token>
+```
+## Supported Entity Types
+`nvidia/gliner-PII` was fine-tuned to extract the following entity types:
+* email
+* phone_number
+* ssn
+* credit_card_number
+* bank_account_number
+* ip_address
+* password
+* api_key
+* user_name
+* date_of_birth
+* drivers_license_number
+* passport_number
+* address
+* medical_record_number
+* health_insurance_id
+**License: Apache 2.0**

clawguard_pii-0.1.0/pyproject.toml ADDED Viewed

@@ -0,0 +1,30 @@
+[build-system]
+requires = ["setuptools>=68.0", "wheel"]
+build-backend = "setuptools.build_meta"
+[project]
+name = "ClawGuard-PII"
+version = "0.1.0"
+description = "Local PII redaction service for OpenClaw using nvidia/gliner-PII"
+requires-python = ">=3.10"
+license = "Apache-2.0"
+dependencies = [
+    "gliner>=0.2.0",
+    "fastapi>=0.111.0",
+    "uvicorn[standard]>=0.30.0",
+]
+[project.scripts]
+clawguard = "clawguard.cli:serve"
+[project.optional-dependencies]
+dev = [
+    "pytest>=8.0.0",
+    "httpx>=0.27.0",
+]
+[tool.setuptools.packages.find]
+where = ["src"]
+[tool.pytest.ini_options]
+testpaths = ["tests"]

clawguard_pii-0.1.0/setup.cfg ADDED Viewed

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build =
+tag_date = 0

clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/PKG-INFO ADDED Viewed

@@ -0,0 +1,12 @@
+Metadata-Version: 2.4
+Name: ClawGuard-PII
+Version: 0.1.0
+Summary: Local PII redaction service for OpenClaw using nvidia/gliner-PII
+License-Expression: Apache-2.0
+Requires-Python: >=3.10
+Requires-Dist: gliner>=0.2.0
+Requires-Dist: fastapi>=0.111.0
+Requires-Dist: uvicorn[standard]>=0.30.0
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0.0; extra == "dev"
+Requires-Dist: httpx>=0.27.0; extra == "dev"

clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/SOURCES.txt ADDED Viewed

@@ -0,0 +1,14 @@
+README.md
+pyproject.toml
+src/ClawGuard_PII.egg-info/PKG-INFO
+src/ClawGuard_PII.egg-info/SOURCES.txt
+src/ClawGuard_PII.egg-info/dependency_links.txt
+src/ClawGuard_PII.egg-info/entry_points.txt
+src/ClawGuard_PII.egg-info/requires.txt
+src/ClawGuard_PII.egg-info/top_level.txt
+src/clawguard/__init__.py
+src/clawguard/cli.py
+src/clawguard/redactor.py
+src/clawguard/server.py
+tests/test_redactor.py
+tests/test_server.py

clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/dependency_links.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+

clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/entry_points.txt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ [console_scripts]
2	+ clawguard = clawguard.cli:serve

clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/requires.txt ADDED Viewed

@@ -0,0 +1,7 @@
+gliner>=0.2.0
+fastapi>=0.111.0
+uvicorn[standard]>=0.30.0
+[dev]
+pytest>=8.0.0
+httpx>=0.27.0

clawguard_pii-0.1.0/src/ClawGuard_PII.egg-info/top_level.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ clawguard

clawguard_pii-0.1.0/src/clawguard/__init__.py ADDED Viewed

@@ -0,0 +1,3 @@
+from clawguard.redactor import PIIRedactor, RedactResult
+__all__ = ["PIIRedactor", "RedactResult"]

clawguard_pii-0.1.0/src/clawguard/cli.py ADDED Viewed

@@ -0,0 +1,15 @@
+"""CLI entrypoint for ClawGuard."""
+from __future__ import annotations
+import sys
+def serve() -> None:
+    try:
+        import uvicorn
+    except ImportError:
+        print("uvicorn is not installed. Run: pip install clawguard", file=sys.stderr)
+        sys.exit(1)
+    uvicorn.run("clawguard.server:app", host="127.0.0.1", port=8000, reload=False)

clawguard_pii-0.1.0/src/clawguard/redactor.py ADDED Viewed

@@ -0,0 +1,90 @@
+"""PII detection and redaction using nvidia/gliner-PII."""
+from __future__ import annotations
+from dataclasses import dataclass, field
+from gliner import GLiNER
+DEFAULT_MODEL_ID = "nvidia/gliner-PII"
+DEFAULT_THRESHOLD = 0.5
+DEFAULT_LABELS: list[str] = [
+    "email",
+    "phone_number",
+    "ssn",
+    "credit_card_number",
+    "bank_account_number",
+    "ip_address",
+    "password",
+    "api_key",
+    "user_name",
+    "date_of_birth",
+    "drivers_license_number",
+    "passport_number",
+    "address",
+    "medical_record_number",
+    "health_insurance_id",
+]
+@dataclass
+class RedactResult:
+    redacted_text: str
+    redacted_count: int
+    redacted_items: list[dict] = field(default_factory=list)
+def _resolve_overlaps(entities: list[dict]) -> list[dict]:
+    """Remove overlapping spans, keeping the highest-confidence entity per region."""
+    sorted_by_conf = sorted(entities, key=lambda e: e["score"], reverse=True)
+    kept: list[dict] = []
+    for ent in sorted_by_conf:
+        if any(ent["start"] < k["end"] and ent["end"] > k["start"] for k in kept):
+            continue
+        kept.append(ent)
+    return sorted(kept, key=lambda e: e["start"])
+class PIIRedactor:
+    def __init__(
+        self,
+        model_id: str = DEFAULT_MODEL_ID,
+        threshold: float = DEFAULT_THRESHOLD,
+        labels: list[str] | None = None,
+    ):
+        self.threshold = threshold
+        self.labels = labels or DEFAULT_LABELS
+        self._model = GLiNER.from_pretrained(model_id)
+    def redact(self, text: str) -> RedactResult:
+        """Detect PII in text and replace each span with [LABEL_UPPER]."""
+        raw_entities = self._model.predict_entities(text, self.labels, threshold=self.threshold)
+        entities = _resolve_overlaps(raw_entities)
+        parts: list[str] = []
+        cursor = 0
+        redacted_items: list[dict] = []
+        for ent in entities:
+            parts.append(text[cursor : ent["start"]])
+            placeholder = f"[{ent['label'].upper()}]"
+            parts.append(placeholder)
+            cursor = ent["end"]
+            redacted_items.append(
+                {
+                    "original": text[ent["start"] : ent["end"]],
+                    "label": ent["label"],
+                    "replacement": placeholder,
+                    "confidence": ent["score"],
+                }
+            )
+        parts.append(text[cursor:])
+        return RedactResult(
+            redacted_text="".join(parts),
+            redacted_count=len(entities),
+            redacted_items=redacted_items,
+        )

clawguard_pii-0.1.0/src/clawguard/server.py ADDED Viewed

@@ -0,0 +1,102 @@
+"""FastAPI service exposing PII redaction for OpenClaw."""
+from __future__ import annotations
+import asyncio
+import hmac
+import os
+from contextlib import asynccontextmanager
+from typing import Annotated
+from fastapi import Depends, FastAPI, HTTPException, Query, Security
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+from pydantic import BaseModel
+from clawguard.redactor import PIIRedactor, RedactResult
+_raw_token = os.environ.get("CLAWGUARD_TOKEN", "")
+if not _raw_token or _raw_token == "change-me":
+    raise RuntimeError(
+        "CLAWGUARD_TOKEN environment variable is not set or uses the default placeholder. "
+        "Generate a secret with: python3 -c \"import secrets; print(secrets.token_hex(32))\""
+    )
+API_TOKEN: str = _raw_token
+MODEL_ID: str = os.environ.get("MODEL_ID", "nvidia/gliner-PII")
+THRESHOLD: float = float(os.environ.get("THRESHOLD", "0.5"))
+MAX_TEXT_LENGTH: int = int(os.environ.get("MAX_TEXT_LENGTH", "50000"))
+security = HTTPBearer()
+def verify_token(
+    credentials: Annotated[HTTPAuthorizationCredentials, Security(security)],
+) -> str:
+    if not hmac.compare_digest(credentials.credentials, API_TOKEN):
+        raise HTTPException(status_code=401, detail="Invalid token")
+    return credentials.credentials
+class TextRequest(BaseModel):
+    text: str
+class RedactedItem(BaseModel):
+    label: str
+    replacement: str
+    confidence: float
+    original: str | None = None
+class RedactResponse(BaseModel):
+    redacted_text: str
+    redacted_count: int
+    redacted_items: list[RedactedItem]
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    app.state.redactor = PIIRedactor(model_id=MODEL_ID, threshold=THRESHOLD)
+    yield
+app = FastAPI(title="ClawGuard PII Redaction Service", version="0.1.0", lifespan=lifespan)
+@app.get("/health")
+async def health():
+    return {"status": "ok"}
+@app.post("/redact", response_model=RedactResponse, dependencies=[Depends(verify_token)])
+async def redact(
+    req: TextRequest,
+    include_original: Annotated[bool, Query()] = False,
+) -> RedactResponse:
+    if not req.text:
+        return RedactResponse(redacted_text="", redacted_count=0, redacted_items=[])
+    if len(req.text) > MAX_TEXT_LENGTH:
+        raise HTTPException(
+            status_code=413,
+            detail=f"Text exceeds maximum allowed length of {MAX_TEXT_LENGTH} characters.",
+        )
+    result: RedactResult = await asyncio.to_thread(app.state.redactor.redact, req.text)
+    items = [
+        RedactedItem(
+            label=item["label"],
+            replacement=item["replacement"],
+            confidence=item["confidence"],
+            original=item["original"] if include_original else None,
+        )
+        for item in result.redacted_items
+    ]
+    return RedactResponse(
+        redacted_text=result.redacted_text,
+        redacted_count=result.redacted_count,
+        redacted_items=items,
+    )

clawguard_pii-0.1.0/tests/test_redactor.py ADDED Viewed

@@ -0,0 +1,189 @@
+"""Tests for PIIRedactor."""
+from __future__ import annotations
+from unittest.mock import MagicMock, patch
+import pytest
+from clawguard.redactor import (
+    DEFAULT_LABELS,
+    DEFAULT_THRESHOLD,
+    PIIRedactor,
+    RedactResult,
+    _resolve_overlaps,
+)
+def _make_redactor(predict_return: list[dict]) -> PIIRedactor:
+    with patch("clawguard.redactor.GLiNER") as MockGLiNER:
+        mock_model = MagicMock()
+        MockGLiNER.from_pretrained.return_value = mock_model
+        mock_model.predict_entities.return_value = predict_return
+        redactor = PIIRedactor()
+    return redactor
+class TestDefaults:
+    def test_default_labels_is_nonempty_list(self):
+        assert isinstance(DEFAULT_LABELS, list)
+        assert len(DEFAULT_LABELS) > 0
+    def test_loads_nvidia_model_by_default(self):
+        with patch("clawguard.redactor.GLiNER") as MockGLiNER:
+            MockGLiNER.from_pretrained.return_value = MagicMock()
+            PIIRedactor()
+            MockGLiNER.from_pretrained.assert_called_once_with("nvidia/gliner-PII")
+    def test_default_threshold_is_0_5(self):
+        with patch("clawguard.redactor.GLiNER") as MockGLiNER:
+            MockGLiNER.from_pretrained.return_value = MagicMock()
+            r = PIIRedactor()
+            assert r.threshold == 0.5
+    def test_default_threshold_constant(self):
+        assert DEFAULT_THRESHOLD == 0.5
+class TestRedactCleanText:
+    def test_clean_text_unchanged(self):
+        redactor = _make_redactor([])
+        result = redactor.redact("What is the capital of France?")
+        assert result.redacted_text == "What is the capital of France?"
+        assert result.redacted_count == 0
+        assert result.redacted_items == []
+    def test_returns_redact_result(self):
+        redactor = _make_redactor([])
+        result = redactor.redact("hello")
+        assert isinstance(result, RedactResult)
+class TestRedactSingleEntity:
+    def test_email_redacted(self):
+        redactor = _make_redactor([
+            {"text": "john@example.com", "label": "email", "start": 12, "end": 28, "score": 0.99},
+        ])
+        result = redactor.redact("Contact me: john@example.com")
+        assert "john@example.com" not in result.redacted_text
+        assert "[EMAIL]" in result.redacted_text
+        assert result.redacted_count == 1
+    def test_phone_redacted(self):
+        redactor = _make_redactor([
+            {"text": "555-123-4567", "label": "phone_number", "start": 9, "end": 21, "score": 0.97},
+        ])
+        result = redactor.redact("Call me: 555-123-4567")
+        assert "555-123-4567" not in result.redacted_text
+        assert "[PHONE_NUMBER]" in result.redacted_text
+    def test_ssn_redacted(self):
+        redactor = _make_redactor([
+            {"text": "123-45-6789", "label": "ssn", "start": 12, "end": 23, "score": 0.98},
+        ])
+        result = redactor.redact("My SSN is: 123-45-6789")
+        assert "123-45-6789" not in result.redacted_text
+        assert "[SSN]" in result.redacted_text
+    def test_label_uppercased(self):
+        redactor = _make_redactor([
+            {"text": "foo@bar.com", "label": "email", "start": 0, "end": 11, "score": 0.95},
+        ])
+        result = redactor.redact("foo@bar.com")
+        assert result.redacted_text == "[EMAIL]"
+class TestRedactMultipleEntities:
+    def test_two_entities_both_redacted(self):
+        redactor = _make_redactor([
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+            {"text": "555-123-4567", "label": "phone_number", "start": 20, "end": 32, "score": 0.97},
+        ])
+        result = redactor.redact("john@example.com and 555-123-4567")
+        assert result.redacted_count == 2
+        assert "[EMAIL]" in result.redacted_text
+        assert "[PHONE_NUMBER]" in result.redacted_text
+        assert "john@example.com" not in result.redacted_text
+        assert "555-123-4567" not in result.redacted_text
+class TestOverlapResolution:
+    def test_higher_confidence_wins_on_overlap(self):
+        redactor = _make_redactor([
+            {"text": "john", "label": "user_name", "start": 0, "end": 4, "score": 0.9},
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+        ])
+        result = redactor.redact("john@example.com")
+        assert result.redacted_text == "[EMAIL]"
+        assert result.redacted_count == 1
+    def test_nested_span_discarded(self):
+        redactor = _make_redactor([
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+            {"text": "john", "label": "user_name", "start": 0, "end": 4, "score": 0.5},
+        ])
+        result = redactor.redact("john@example.com")
+        assert result.redacted_text == "[EMAIL]"
+        assert result.redacted_count == 1
+    def test_non_overlapping_spans_both_kept(self):
+        redactor = _make_redactor([
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+            {"text": "555-123-4567", "label": "phone_number", "start": 20, "end": 32, "score": 0.97},
+        ])
+        result = redactor.redact("john@example.com and 555-123-4567")
+        assert result.redacted_count == 2
+    def test_resolve_overlaps_unit(self):
+        entities = [
+            {"text": "john", "label": "user_name", "start": 0, "end": 4, "score": 0.9},
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+            {"text": "555-123-4567", "label": "phone_number", "start": 20, "end": 32, "score": 0.97},
+        ]
+        kept = _resolve_overlaps(entities)
+        assert len(kept) == 2
+        assert kept[0]["label"] == "email"
+        assert kept[1]["label"] == "phone_number"
+class TestRedactItems:
+    def test_redacted_items_contain_metadata(self):
+        redactor = _make_redactor([
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+        ])
+        result = redactor.redact("john@example.com")
+        assert len(result.redacted_items) == 1
+        item = result.redacted_items[0]
+        assert item["original"] == "john@example.com"
+        assert item["label"] == "email"
+        assert item["replacement"] == "[EMAIL]"
+        assert item["confidence"] == 0.99
+    def test_redacted_items_ordered_by_appearance(self):
+        redactor = _make_redactor([
+            {"text": "555-123-4567", "label": "phone_number", "start": 20, "end": 32, "score": 0.97},
+            {"text": "john@example.com", "label": "email", "start": 0, "end": 16, "score": 0.99},
+        ])
+        result = redactor.redact("john@example.com and 555-123-4567")
+        assert result.redacted_items[0]["label"] == "email"
+        assert result.redacted_items[1]["label"] == "phone_number"
+class TestRedactPassesConfig:
+    def test_custom_threshold_passed_to_model(self):
+        with patch("clawguard.redactor.GLiNER") as MockGLiNER:
+            mock_model = MagicMock()
+            MockGLiNER.from_pretrained.return_value = mock_model
+            mock_model.predict_entities.return_value = []
+            redactor = PIIRedactor(threshold=0.8)
+        redactor.redact("test text")
+        args, kwargs = mock_model.predict_entities.call_args
+        threshold = kwargs.get("threshold") or (args[2] if len(args) > 2 else None)
+        assert threshold == 0.8
+    def test_custom_model_id_used(self):
+        with patch("clawguard.redactor.GLiNER") as MockGLiNER:
+            MockGLiNER.from_pretrained.return_value = MagicMock()
+            PIIRedactor(model_id="custom/model")
+            MockGLiNER.from_pretrained.assert_called_once_with("custom/model")

clawguard_pii-0.1.0/tests/test_server.py ADDED Viewed

@@ -0,0 +1,207 @@
+"""Tests for the FastAPI server."""
+from __future__ import annotations
+import importlib
+from unittest.mock import MagicMock, patch
+import pytest
+from fastapi.testclient import TestClient
+from clawguard.redactor import RedactResult
+@pytest.fixture
+def client(monkeypatch):
+    monkeypatch.setenv("CLAWGUARD_TOKEN", "test-token")
+    mock_redactor = MagicMock()
+    mock_redactor.redact.return_value = RedactResult(
+        redacted_text="Contact [EMAIL]",
+        redacted_count=1,
+        redacted_items=[{
+            "original": "john@example.com",
+            "label": "email",
+            "replacement": "[EMAIL]",
+            "confidence": 0.99,
+        }],
+    )
+    with patch("clawguard.server.PIIRedactor", return_value=mock_redactor):
+        import clawguard.server as srv
+        importlib.reload(srv)
+        with TestClient(srv.app) as tc:
+            yield tc
+@pytest.fixture
+def clean_client(monkeypatch):
+    """Client whose mock redactor returns no PII."""
+    monkeypatch.setenv("CLAWGUARD_TOKEN", "test-token")
+    mock_redactor = MagicMock()
+    mock_redactor.redact.return_value = RedactResult(
+        redacted_text="Hello world",
+        redacted_count=0,
+        redacted_items=[],
+    )
+    with patch("clawguard.server.PIIRedactor", return_value=mock_redactor):
+        import clawguard.server as srv
+        importlib.reload(srv)
+        with TestClient(srv.app) as tc:
+            yield tc
+class TestHealth:
+    def test_health_returns_ok(self, client):
+        resp = client.get("/health")
+        assert resp.status_code == 200
+        assert resp.json()["status"] == "ok"
+    def test_health_requires_no_auth(self, client):
+        resp = client.get("/health")
+        assert resp.status_code == 200
+class TestRedactEndpoint:
+    def test_valid_request_returns_200(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "Contact john@example.com"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.status_code == 200
+    def test_response_shape(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "Contact john@example.com"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        data = resp.json()
+        assert "redacted_text" in data
+        assert "redacted_count" in data
+        assert "redacted_items" in data
+    def test_redacted_text_returned(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "Contact john@example.com"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.json()["redacted_text"] == "Contact [EMAIL]"
+    def test_redacted_count_returned(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "Contact john@example.com"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.json()["redacted_count"] == 1
+    def test_empty_text_short_circuits(self, clean_client):
+        resp = clean_client.post(
+            "/redact",
+            json={"text": ""},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["redacted_text"] == ""
+        assert data["redacted_count"] == 0
+        assert data["redacted_items"] == []
+    def test_oversized_text_rejected(self, monkeypatch):
+        monkeypatch.setenv("CLAWGUARD_TOKEN", "test-token")
+        monkeypatch.setenv("MAX_TEXT_LENGTH", "10")
+        mock_redactor = MagicMock()
+        mock_redactor.redact.return_value = RedactResult("", 0, [])
+        with patch("clawguard.server.PIIRedactor", return_value=mock_redactor):
+            import clawguard.server as srv
+            importlib.reload(srv)
+            with TestClient(srv.app) as tc:
+                resp = tc.post(
+                    "/redact",
+                    json={"text": "x" * 11},
+                    headers={"Authorization": "Bearer test-token"},
+                )
+        assert resp.status_code == 413
+class TestOriginalField:
+    def test_original_omitted_by_default(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "Contact john@example.com"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        items = resp.json()["redacted_items"]
+        assert len(items) == 1
+        assert items[0].get("original") is None
+    def test_original_included_when_requested(self, client):
+        resp = client.post(
+            "/redact?include_original=true",
+            json={"text": "Contact john@example.com"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        items = resp.json()["redacted_items"]
+        assert len(items) == 1
+        assert items[0]["original"] == "john@example.com"
+class TestAuth:
+    def test_missing_auth_rejected(self, client):
+        resp = client.post("/redact", json={"text": "hello"})
+        assert resp.status_code in (401, 403)
+    def test_wrong_token_rejected(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "hello"},
+            headers={"Authorization": "Bearer wrong-token"},
+        )
+        assert resp.status_code == 401
+    def test_correct_token_accepted(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": "hello"},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.status_code == 200
+class TestStartupGuard:
+    def test_missing_token_raises_on_import(self, monkeypatch):
+        monkeypatch.delenv("CLAWGUARD_TOKEN", raising=False)
+        import clawguard.server as srv
+        with pytest.raises(RuntimeError, match="CLAWGUARD_TOKEN"):
+            importlib.reload(srv)
+    def test_default_placeholder_raises_on_import(self, monkeypatch):
+        monkeypatch.setenv("CLAWGUARD_TOKEN", "change-me")
+        import clawguard.server as srv
+        with pytest.raises(RuntimeError, match="CLAWGUARD_TOKEN"):
+            importlib.reload(srv)
+class TestValidation:
+    def test_missing_text_field_rejected(self, client):
+        resp = client.post(
+            "/redact",
+            json={},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.status_code == 422
+    def test_empty_text_accepted(self, client):
+        resp = client.post(
+            "/redact",
+            json={"text": ""},
+            headers={"Authorization": "Bearer test-token"},
+        )
+        assert resp.status_code == 200