llm-redacted 0.2.0__tar.gz

llm_redacted-0.2.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 redacted contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

llm_redacted-0.2.0/PKG-INFO

@@ -0,0 +1,80 @@
+Metadata-Version: 2.4
+Name: llm-redacted
+Version: 0.2.0
+Summary: A lightweight, zero-dependency output sanitizer for secrets, API keys, and PII.
+Author: redacted
+License: MIT
+Project-URL: Homepage, https://github.com/redacted/redacted
+Project-URL: Repository, https://github.com/redacted/redacted
+Project-URL: Issues, https://github.com/redacted/redacted/issues
+Keywords: sanitizer,redaction,secrets,pii,llm,security,api-keys
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Typing :: Typed
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Dynamic: license-file
+
+# redacted
+
+Stop leaking secrets. One function call.
+
+A lightweight, zero-dependency Python library that sanitizes secrets, API keys, PII, and sensitive data from text. Designed for LLM output pipelines.
+
+## Installation
+
+```bash
+pip install redacted
+```
+
+## Quick Start
+
+```python
+from main import sanitize_output
+
+text = "My API key is sk-12345678901234567890"
+clean = sanitize_output(text)
+print(clean)
+# Output: My API key is [OPENAI_KEY]
+```
+
+## Features
+
+- **20 Built-in Detectors**: OpenAI, AWS, GitHub, Stripe, JWT, GCP, Slack, Twilio, Azure, Discord, PEM, Email, Phone, IPv4, SSN, Credit Cards, Env Vars, Local Paths, Connection Strings, Bearer Tokens.
+- **Zero Dependencies**: Pure Python stdlib.
+- **Reversible Redaction**: Keep a mapping of original secrets to restore them later.
+- **Streaming Support**: Sanitize LLM streams token-by-token.
+- **Extensible**: Add custom regex detectors easily.
+
+## Advanced Usage
+
+### Reversible Redaction
+```python
+from main import sanitize_output, restore_output
+
+result = sanitize_output("Email admin@test.com", detailed=True)
+print(result.cleaned) # Email [EMAIL_1]
+
+restored = restore_output(result.cleaned, result.mapping)
+print(restored) # Email admin@test.com
+```
+
+### Streaming
+```python
+from main import StreamingSanitizer
+
+sanitizer = StreamingSanitizer()
+# feed tokens one by one
+safe_token = sanitizer.feed("sk-")
+```

llm_redacted-0.2.0/README.md

@@ -0,0 +1,52 @@
+# redacted
+
+Stop leaking secrets. One function call.
+
+A lightweight, zero-dependency Python library that sanitizes secrets, API keys, PII, and sensitive data from text. Designed for LLM output pipelines.
+
+## Installation
+
+```bash
+pip install redacted
+```
+
+## Quick Start
+
+```python
+from main import sanitize_output
+
+text = "My API key is sk-12345678901234567890"
+clean = sanitize_output(text)
+print(clean)
+# Output: My API key is [OPENAI_KEY]
+```
+
+## Features
+
+- **20 Built-in Detectors**: OpenAI, AWS, GitHub, Stripe, JWT, GCP, Slack, Twilio, Azure, Discord, PEM, Email, Phone, IPv4, SSN, Credit Cards, Env Vars, Local Paths, Connection Strings, Bearer Tokens.
+- **Zero Dependencies**: Pure Python stdlib.
+- **Reversible Redaction**: Keep a mapping of original secrets to restore them later.
+- **Streaming Support**: Sanitize LLM streams token-by-token.
+- **Extensible**: Add custom regex detectors easily.
+
+## Advanced Usage
+
+### Reversible Redaction
+```python
+from main import sanitize_output, restore_output
+
+result = sanitize_output("Email admin@test.com", detailed=True)
+print(result.cleaned) # Email [EMAIL_1]
+
+restored = restore_output(result.cleaned, result.mapping)
+print(restored) # Email admin@test.com
+```
+
+### Streaming
+```python
+from main import StreamingSanitizer
+
+sanitizer = StreamingSanitizer()
+# feed tokens one by one
+safe_token = sanitizer.feed("sk-")
+```

llm_redacted-0.2.0/llm_redacted.egg-info/PKG-INFO

@@ -0,0 +1,80 @@
+Metadata-Version: 2.4
+Name: llm-redacted
+Version: 0.2.0
+Summary: A lightweight, zero-dependency output sanitizer for secrets, API keys, and PII.
+Author: redacted
+License: MIT
+Project-URL: Homepage, https://github.com/redacted/redacted
+Project-URL: Repository, https://github.com/redacted/redacted
+Project-URL: Issues, https://github.com/redacted/redacted/issues
+Keywords: sanitizer,redaction,secrets,pii,llm,security,api-keys
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Typing :: Typed
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Dynamic: license-file
+
+# redacted
+
+Stop leaking secrets. One function call.
+
+A lightweight, zero-dependency Python library that sanitizes secrets, API keys, PII, and sensitive data from text. Designed for LLM output pipelines.
+
+## Installation
+
+```bash
+pip install redacted
+```
+
+## Quick Start
+
+```python
+from main import sanitize_output
+
+text = "My API key is sk-12345678901234567890"
+clean = sanitize_output(text)
+print(clean)
+# Output: My API key is [OPENAI_KEY]
+```
+
+## Features
+
+- **20 Built-in Detectors**: OpenAI, AWS, GitHub, Stripe, JWT, GCP, Slack, Twilio, Azure, Discord, PEM, Email, Phone, IPv4, SSN, Credit Cards, Env Vars, Local Paths, Connection Strings, Bearer Tokens.
+- **Zero Dependencies**: Pure Python stdlib.
+- **Reversible Redaction**: Keep a mapping of original secrets to restore them later.
+- **Streaming Support**: Sanitize LLM streams token-by-token.
+- **Extensible**: Add custom regex detectors easily.
+
+## Advanced Usage
+
+### Reversible Redaction
+```python
+from main import sanitize_output, restore_output
+
+result = sanitize_output("Email admin@test.com", detailed=True)
+print(result.cleaned) # Email [EMAIL_1]
+
+restored = restore_output(result.cleaned, result.mapping)
+print(restored) # Email admin@test.com
+```
+
+### Streaming
+```python
+from main import StreamingSanitizer
+
+sanitizer = StreamingSanitizer()
+# feed tokens one by one
+safe_token = sanitizer.feed("sk-")
+```

llm_redacted-0.2.0/llm_redacted.egg-info/SOURCES.txt

@@ -0,0 +1,33 @@
+LICENSE
+README.md
+pyproject.toml
+llm_redacted.egg-info/PKG-INFO
+llm_redacted.egg-info/SOURCES.txt
+llm_redacted.egg-info/dependency_links.txt
+llm_redacted.egg-info/top_level.txt
+main/__init__.py
+main/result.py
+main/sanitizer.py
+main/streaming.py
+main/detectors/__init__.py
+main/detectors/aws.py
+main/detectors/azure.py
+main/detectors/bearer.py
+main/detectors/connection_string.py
+main/detectors/credit_card.py
+main/detectors/discord.py
+main/detectors/email.py
+main/detectors/env.py
+main/detectors/gcp.py
+main/detectors/github.py
+main/detectors/ipv4.py
+main/detectors/jwt.py
+main/detectors/local_path.py
+main/detectors/openai.py
+main/detectors/pem.py
+main/detectors/phone.py
+main/detectors/slack.py
+main/detectors/ssn.py
+main/detectors/stripe.py
+main/detectors/twilio.py
+tests/test_sanitizer.py

llm_redacted-0.2.0/llm_redacted.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

llm_redacted-0.2.0/llm_redacted.egg-info/top_level.txt

@@ -0,0 +1 @@
+main

llm_redacted-0.2.0/main/__init__.py

@@ -0,0 +1,17 @@
+"""redacted — A lightweight, zero-dependency output sanitizer.
+
+Sanitizes secrets, API keys, PII, and sensitive data from text.
+Designed for LLM output pipelines, logging, and data sharing.
+"""
+from main.sanitizer import sanitize_output, restore_output
+from main.result import SanitizeResult, Finding
+from main.streaming import StreamingSanitizer
+
+__version__ = "0.2.0"
+__all__ = [
+    "sanitize_output",
+    "restore_output",
+    "SanitizeResult",
+    "Finding",
+    "StreamingSanitizer",
+]

llm_redacted-0.2.0/main/detectors/__init__.py

@@ -0,0 +1,20 @@
+"""Auto-discovery of all detector modules in this package."""
+import importlib
+import pkgutil
+import os
+
+
+def _discover_detectors():
+    """Discover all detector modules and return them as a list."""
+    detectors = []
+    package_dir = os.path.dirname(__file__)
+    for importer, modname, ispkg in pkgutil.iter_modules([package_dir]):
+        if modname.startswith('_'):
+            continue
+        module = importlib.import_module(f'.{modname}', package=__package__)
+        if hasattr(module, 'TYPE') and hasattr(module, 'PATTERN') and hasattr(module, 'PLACEHOLDER'):
+            detectors.append(module)
+    return detectors
+
+
+ALL_DETECTORS = _discover_detectors()

llm_redacted-0.2.0/main/detectors/aws.py

@@ -0,0 +1,4 @@
+# Matches AWS Access Key IDs: AKIA, ASIA (temp creds), AGPA, ANPA, A3T prefixes
+TYPE = "AWS_ACCESS_KEY"
+PATTERN = r"\b(?:AKIA|ASIA|AGPA|ANPA|A3T)[0-9A-Z]{16}\b"
+PLACEHOLDER = "[AWS_KEY]"

llm_redacted-0.2.0/main/detectors/azure.py

@@ -0,0 +1,5 @@
+# Matches Azure storage account keys (base64, 88 chars)
+# and Azure SAS tokens
+TYPE = "AZURE_KEY"
+PATTERN = r"(?:AccountKey=)[A-Za-z0-9+/=]{80,}|(?:sig=)[A-Za-z0-9%+/=]{40,}"
+PLACEHOLDER = "[AZURE_KEY]"

llm_redacted-0.2.0/main/detectors/bearer.py

@@ -0,0 +1,4 @@
+# Matches Bearer tokens in HTTP authorization headers
+TYPE = "BEARER_TOKEN"
+PATTERN = r"(?:Bearer|Authorization:\s*Bearer)\s+[A-Za-z0-9_\-.~+/]+="
+PLACEHOLDER = "[BEARER_TOKEN]"

llm_redacted-0.2.0/main/detectors/connection_string.py

@@ -0,0 +1,5 @@
+# Matches database connection strings with embedded credentials
+# postgres://, mysql://, mongodb://, redis://, etc.
+TYPE = "CONNECTION_STRING"
+PATTERN = r"(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp|mssql)://[^\s'\"<>]+:[^\s'\"<>]+@[^\s'\"<>]+"
+PLACEHOLDER = "[CONNECTION_STRING]"

llm_redacted-0.2.0/main/detectors/credit_card.py

@@ -0,0 +1,5 @@
+# Matches major credit card number formats (with optional separators)
+# Visa (4xxx), Mastercard (5xxx/2xxx), Amex (34xx/37xx), Discover (6xxx)
+TYPE = "CREDIT_CARD"
+PATTERN = r"\b(?:4[0-9]{3}|5[1-5][0-9]{2}|3[47][0-9]{2}|6(?:011|5[0-9]{2}))[- ]?[0-9]{4}[- ]?[0-9]{4}[- ]?[0-9]{3,4}\b"
+PLACEHOLDER = "[CREDIT_CARD]"

llm_redacted-0.2.0/main/detectors/discord.py

@@ -0,0 +1,4 @@
+# Matches Discord bot tokens and webhook URLs
+TYPE = "DISCORD_TOKEN"
+PATTERN = r"(?:discord(?:app)?\.com/api/webhooks/\d+/[\w-]+|[MN][A-Za-z\d]{23,}\.[\w-]{6}\.[\w-]{27,})"
+PLACEHOLDER = "[DISCORD_TOKEN]"

llm_redacted-0.2.0/main/detectors/email.py

@@ -0,0 +1,4 @@
+# Matches email addresses
+TYPE = "EMAIL"
+PATTERN = r"\b[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z]{2,}\b"
+PLACEHOLDER = "[EMAIL]"

llm_redacted-0.2.0/main/detectors/env.py

@@ -0,0 +1,6 @@
+# Matches env var assignments with sensitive-looking keys
+# Requires key to contain SECRET, PASSWORD, TOKEN, API_KEY, etc.
+# Value must be at least 6 chars to avoid matching docs
+TYPE = "ENV_VAR"
+PATTERN = r"(?:^|\b)(?:export\s+)?[A-Z_]*(?:SECRET|PASSWORD|PASSWD|TOKEN|API_?KEY|AUTH|CREDENTIAL)[A-Z_]*\s*=\s*[\"']?[^\s\"'>]{6,}[\"']?"
+PLACEHOLDER = "[ENV_VAR_REDACTED]"

llm_redacted-0.2.0/main/detectors/gcp.py

@@ -0,0 +1,5 @@
+# Matches Google Cloud API keys (AIzaSy prefix, 39 chars total)
+# and Google OAuth client IDs
+TYPE = "GCP_API_KEY"
+PATTERN = r"\bAIzaSy[A-Za-z0-9_-]{33}\b"
+PLACEHOLDER = "[GCP_KEY]"

llm_redacted-0.2.0/main/detectors/github.py

@@ -0,0 +1,4 @@
+# Matches GitHub tokens: ghp_, gho_, ghu_, ghs_, ghr_ followed by 36+ alphanumeric chars
+TYPE = "GITHUB_TOKEN"
+PATTERN = r"\bgh[pousr]_[A-Za-z0-9_]{36,}\b"
+PLACEHOLDER = "[GITHUB_TOKEN]"

llm_redacted-0.2.0/main/detectors/ipv4.py

@@ -0,0 +1,4 @@
+# Matches valid IPv4 addresses: each octet 0-255
+TYPE = "IPV4_ADDRESS"
+PATTERN = r"\b(?:(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]?\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]?\d)\b"
+PLACEHOLDER = "[IP_ADDRESS]"

llm_redacted-0.2.0/main/detectors/jwt.py

@@ -0,0 +1,5 @@
+# Matches JWT tokens: must start with eyJ (base64 for '{"')
+# Three base64url sections separated by dots
+TYPE = "JWT_TOKEN"
+PATTERN = r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b"
+PLACEHOLDER = "[JWT_TOKEN]"

llm_redacted-0.2.0/main/detectors/local_path.py

@@ -0,0 +1,5 @@
+# Matches local file paths (Unix and Windows)
+# Covers /home, /Users, /root, /etc, /var, /tmp, /opt, /srv and Windows drive paths
+TYPE = "LOCAL_PATH"
+PATTERN = r"(?:[A-Z]:\\(?:[^\\\s]+\\)*[^\\\s]+|/(?:home|Users|root|etc|var|tmp|opt|srv)/[\w./-]+)"
+PLACEHOLDER = "[LOCAL_PATH]"

llm_redacted-0.2.0/main/detectors/openai.py

@@ -0,0 +1,5 @@
+# Matches OpenAI API keys: sk-<20+ alphanumeric chars>
+# Supports sk-proj- and sk-org- prefixes
+TYPE = "OPENAI_API_KEY"
+PATTERN = r"\bsk-(?:proj-|org-)?[A-Za-z0-9_-]{20,}\b"
+PLACEHOLDER = "[OPENAI_KEY]"

llm_redacted-0.2.0/main/detectors/pem.py

@@ -0,0 +1,4 @@
+# Matches PEM-encoded private keys: RSA, DSA, EC, OPENSSH, ENCRYPTED
+TYPE = "PEM_KEY"
+PATTERN = r"-----BEGIN[\w ]*PRIVATE KEY-----[\s\S]+?-----END[\w ]*PRIVATE KEY-----"
+PLACEHOLDER = "[PEM_KEY]"

llm_redacted-0.2.0/main/detectors/phone.py

@@ -0,0 +1,5 @@
+# Matches international phone numbers - requires + country code to reduce false positives
+# Or matches common formats like (XXX) XXX-XXXX
+TYPE = "PHONE"
+PATTERN = r"(?:\+\d{1,3}[\s.-]?\(?\d{1,4}\)?[\s.-]?\d{2,5}[\s.-]?\d{2,5})|(?:\(\d{3}\)[\s.-]?\d{3}[\s.-]?\d{4})"
+PLACEHOLDER = "[PHONE]"

llm_redacted-0.2.0/main/detectors/slack.py

@@ -0,0 +1,4 @@
+# Matches Slack tokens: bot (xoxb-), user (xoxp-), app (xapp-), workspace (xoxa-)
+TYPE = "SLACK_TOKEN"
+PATTERN = r"\bxox[bpas]-[A-Za-z0-9-]{10,}\b"
+PLACEHOLDER = "[SLACK_TOKEN]"

llm_redacted-0.2.0/main/detectors/ssn.py

@@ -0,0 +1,5 @@
+# Matches US Social Security Numbers: XXX-XX-XXXX format
+# Excludes known invalid ranges (000, 666, 900-999 in area)
+TYPE = "SSN"
+PATTERN = r"\b(?!000|666|9\d{2})\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"
+PLACEHOLDER = "[SSN]"

llm_redacted-0.2.0/main/detectors/stripe.py

@@ -0,0 +1,4 @@
+# Matches Stripe API keys: sk_live_ or sk_test_ followed by 24+ alphanumeric chars
+TYPE = "STRIPE_KEY"
+PATTERN = r"\bsk_(?:live|test)_[A-Za-z0-9]{24,}\b"
+PLACEHOLDER = "[STRIPE_KEY]"

llm_redacted-0.2.0/main/detectors/twilio.py

@@ -0,0 +1,4 @@
+# Matches Twilio Account SIDs (AC + 32 hex) and Auth Tokens (32 hex)
+TYPE = "TWILIO_KEY"
+PATTERN = r"\bAC[a-f0-9]{32}\b"
+PLACEHOLDER = "[TWILIO_SID]"

llm_redacted-0.2.0/main/result.py

@@ -0,0 +1,26 @@
+"""Result types for the redacted sanitizer."""
+from dataclasses import dataclass, field
+
+
+@dataclass
+class Finding:
+    """A single detected sensitive item."""
+    detector_type: str
+    original: str
+    placeholder: str
+    start: int
+    end: int
+
+
+@dataclass
+class SanitizeResult:
+    """Result of a detailed sanitization operation."""
+    cleaned: str
+    findings: list = field(default_factory=list)
+    mapping: dict = field(default_factory=dict)
+
+    def __str__(self):
+        return self.cleaned
+
+    def __repr__(self):
+        return f"SanitizeResult(findings={len(self.findings)}, mapping_size={len(self.mapping)})"

llm_redacted-0.2.0/main/sanitizer.py

@@ -0,0 +1,117 @@
+"""Core sanitization engine for the redacted library."""
+import re
+from main.detectors import ALL_DETECTORS
+from main.result import SanitizeResult, Finding
+
+
+# Precompile regexes for built-in detectors
+_COMPILED_DETECTORS = [
+    (re.compile(det.PATTERN, re.MULTILINE), det.TYPE, det.PLACEHOLDER)
+    for det in ALL_DETECTORS
+]
+
+
+def sanitize_output(text, custom_detectors=None, detailed=False):
+    """Sanitize sensitive data from text.
+
+    Args:
+        text: Input text to sanitize.
+        custom_detectors: Optional list of custom detector dicts with
+            'TYPE', 'PATTERN', and 'PLACEHOLDER' keys.
+        detailed: If True, returns a SanitizeResult with findings and
+            a reversible mapping. If False, returns a plain string.
+
+    Returns:
+        str if detailed=False, SanitizeResult if detailed=True.
+    """
+    compiled = list(_COMPILED_DETECTORS)
+
+    if custom_detectors:
+        for det in custom_detectors:
+            compiled.append((
+                re.compile(det["PATTERN"], re.MULTILINE),
+                det["TYPE"],
+                det["PLACEHOLDER"]
+            ))
+
+    if not detailed:
+        # Simple mode: just replace with static placeholders (backward compatible)
+        cleaned = text
+        for pattern, dtype, placeholder in compiled:
+            cleaned = pattern.sub(placeholder, cleaned)
+        return cleaned
+
+    # Detailed mode: collect findings, build mapping with indexed placeholders
+    # First, find all matches across all detectors
+    all_matches = []
+    for pattern, dtype, placeholder in compiled:
+        for match in pattern.finditer(text):
+            all_matches.append({
+                'start': match.start(),
+                'end': match.end(),
+                'original': match.group(),
+                'type': dtype,
+                'placeholder_base': placeholder,
+            })
+
+    # Sort by start position (earliest first), then by length (longest first)
+    all_matches.sort(key=lambda m: (m['start'], -(m['end'] - m['start'])))
+
+    # Remove overlapping matches (keep the first/longest one)
+    filtered = []
+    last_end = 0
+    for m in all_matches:
+        if m['start'] >= last_end:
+            filtered.append(m)
+            last_end = m['end']
+
+    # Build indexed placeholders and mapping
+    type_counters = {}
+    findings = []
+    mapping = {}
+
+    for m in filtered:
+        base = m['placeholder_base']
+        # Strip brackets, add index, re-bracket
+        inner = base.strip('[]')
+        count = type_counters.get(inner, 0) + 1
+        type_counters[inner] = count
+        indexed = f"[{inner}_{count}]"
+
+        findings.append(Finding(
+            detector_type=m['type'],
+            original=m['original'],
+            placeholder=indexed,
+            start=m['start'],
+            end=m['end'],
+        ))
+        mapping[indexed] = m['original']
+
+    # Build cleaned text by replacing from end to start to preserve positions
+    cleaned = text
+    for finding in reversed(findings):
+        cleaned = cleaned[:finding.start] + finding.placeholder + cleaned[finding.end:]
+
+    return SanitizeResult(
+        cleaned=cleaned,
+        findings=findings,
+        mapping=mapping,
+    )
+
+
+def restore_output(cleaned_text, mapping):
+    """Restore original values from a sanitized text using a mapping.
+
+    Args:
+        cleaned_text: Text with indexed placeholders (e.g., [EMAIL_1]).
+        mapping: Dict mapping placeholders to original values,
+            as returned by SanitizeResult.mapping.
+
+    Returns:
+        str with placeholders replaced by original values.
+    """
+    result = cleaned_text
+    # Sort by placeholder length descending to avoid partial replacements
+    for placeholder, original in sorted(mapping.items(), key=lambda x: -len(x[0])):
+        result = result.replace(placeholder, original)
+    return result

llm_redacted-0.2.0/main/streaming.py

@@ -0,0 +1,132 @@
+"""Streaming sanitizer for real-time LLM output processing."""
+import re
+from main.detectors import ALL_DETECTORS
+
+
+class StreamingSanitizer:
+    """Sanitizes text token-by-token for streaming LLM output.
+
+    Maintains an internal buffer to handle patterns that may span
+    multiple tokens. Emits sanitized text as soon as it's safe to
+    do so.
+
+    Usage:
+        sanitizer = StreamingSanitizer()
+        for token in llm_stream:
+            safe_text = sanitizer.feed(token)
+            print(safe_text, end='', flush=True)
+        # Don't forget to flush at the end
+        print(sanitizer.flush(), end='', flush=True)
+    """
+
+    # Maximum pattern length we might need to buffer for
+    # This is a conservative estimate based on the longest patterns
+    _MAX_PATTERN_LEN = 512
+
+    def __init__(self, custom_detectors=None):
+        """Initialize the streaming sanitizer.
+
+        Args:
+            custom_detectors: Optional list of custom detector dicts
+                with 'TYPE', 'PATTERN', and 'PLACEHOLDER' keys.
+        """
+        self._buffer = ""
+        self._detectors = [
+            (re.compile(det.PATTERN, re.MULTILINE), det.PLACEHOLDER)
+            for det in ALL_DETECTORS
+        ]
+        if custom_detectors:
+            for det in custom_detectors:
+                self._detectors.append((
+                    re.compile(det["PATTERN"], re.MULTILINE),
+                    det["PLACEHOLDER"]
+                ))
+
+    def feed(self, token):
+        """Feed a token into the sanitizer.
+
+        Args:
+            token: A string token from the LLM stream.
+
+        Returns:
+            A string of sanitized text that is safe to emit.
+            May be empty if the sanitizer is buffering.
+        """
+        self._buffer += token
+
+        # If buffer is small, keep accumulating — we might be mid-pattern
+        if len(self._buffer) < self._MAX_PATTERN_LEN:
+            # Check if any pattern could still be growing
+            if self._has_partial_match():
+                return ""
+
+        # Apply all detectors to the buffer
+        sanitized = self._buffer
+        for pattern, placeholder in self._detectors:
+            sanitized = pattern.sub(placeholder, sanitized)
+
+        # Keep a tail portion in the buffer in case a pattern spans
+        # the boundary. The safe portion is everything before the tail.
+        tail_size = min(self._MAX_PATTERN_LEN, len(sanitized))
+
+        if len(sanitized) <= tail_size:
+            # Buffer is still small enough to hold entirely
+            self._buffer = self._buffer  # keep original buffer for partial matching
+            # But if no partial matches, we can emit some
+            if not self._has_partial_match():
+                self._buffer = ""
+                return sanitized
+            return ""
+
+        safe = sanitized[:-tail_size]
+        # We need to figure out how much of the original buffer corresponds
+        # to the safe portion. Apply detectors to progressively larger
+        # prefixes... Actually, simpler approach:
+        # After sanitization, keep the tail of the SANITIZED output
+        # in the buffer and emit the safe prefix.
+        self._buffer = sanitized[-tail_size:]
+        return safe
+
+    def _has_partial_match(self):
+        """Check if any detector pattern could partially match at the end of the buffer."""
+        buf = self._buffer
+        # Check if the buffer ends with something that looks like
+        # the start of a sensitive pattern
+        partial_starters = [
+            r'sk-',           # OpenAI, Stripe
+            r'eyJ',           # JWT
+            r'AKIA', r'ASIA', # AWS
+            r'gh',            # GitHub
+            r'xox',           # Slack
+            r'AC',            # Twilio
+            r'AIza',          # GCP
+            r'Bearer',        # Bearer tokens
+            r'-----BEGIN',    # PEM
+            r'AccountKey=',   # Azure
+        ]
+        for starter in partial_starters:
+            # Check if the buffer ends with a prefix of this starter
+            for i in range(1, len(starter) + 1):
+                if buf.endswith(starter[:i]):
+                    return True
+        return False
+
+    def flush(self):
+        """Flush remaining buffer content.
+
+        Call this when the stream ends to get any remaining text.
+
+        Returns:
+            Sanitized remaining buffer content.
+        """
+        if not self._buffer:
+            return ""
+        sanitized = self._buffer
+        for pattern, placeholder in self._detectors:
+            sanitized = pattern.sub(placeholder, sanitized)
+        self._buffer = ""
+        return sanitized
+
+    def reset(self):
+        """Reset the sanitizer state, clearing the buffer."""
+        self._buffer = ""

llm_redacted-0.2.0/pyproject.toml

@@ -0,0 +1,41 @@
+[build-system]
+requires = ["setuptools>=68.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "llm-redacted"
+version = "0.2.0"
+description = "A lightweight, zero-dependency output sanitizer for secrets, API keys, and PII."
+readme = "README.md"
+license = {text = "MIT"}
+requires-python = ">=3.8"
+authors = [
+    {name = "redacted"},
+]
+keywords = ["sanitizer", "redaction", "secrets", "pii", "llm", "security", "api-keys"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Topic :: Security",
+    "Topic :: Software Development :: Libraries :: Python Modules",
+    "Typing :: Typed",
+]
+
+[project.urls]
+Homepage = "https://github.com/redacted/redacted"
+Repository = "https://github.com/redacted/redacted"
+Issues = "https://github.com/redacted/redacted/issues"
+
+[tool.setuptools.packages.find]
+include = ["main*"]
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]

llm_redacted-0.2.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

llm_redacted-0.2.0/tests/test_sanitizer.py

@@ -0,0 +1,21 @@
+import unittest
+from main import sanitize_output, restore_output
+
+class TestSanitizer(unittest.TestCase):
+    def test_basic_sanitize(self):
+        text = "My email is test@gmail.com and key is sk-12345678901234567890"
+        clean = sanitize_output(text)
+        self.assertIn("[EMAIL]", clean)
+        self.assertIn("[OPENAI_KEY]", clean)
+
+    def test_detailed_sanitize(self):
+        text = "Contact a@b.com or c@d.com"
+        result = sanitize_output(text, detailed=True)
+        self.assertIn("[EMAIL_1]", result.cleaned)
+        self.assertIn("[EMAIL_2]", result.cleaned)
+        
+        restored = restore_output(result.cleaned, result.mapping)
+        self.assertEqual(restored, text)
+
+if __name__ == '__main__':
+    unittest.main()