Cloak your prompts. Prove your compliance.
Open-source PII protection middleware for LLMs. Detect sensitive data, replace it with reversible tokens, and maintain tamper-evident audit logs — all before your prompts leave your infrastructure.
$ pip install cloakllm
$ npm install cloakllm
Your LLM prompts are plaintext confessions.
Every API call to an LLM sends raw customer data — names, emails, SSNs — to third-party servers. Under the EU AI Act, that's a compliance liability.
The Risk
PII in prompts means your users' personal data is processed by third-party LLM providers — often without consent or safeguards.
The Deadline
August 2, 2026 — EU AI Act Article 12 transparency requirements take effect for high-risk AI systems.
The Penalty
Non-compliance fines of up to €35 million or 7% of global annual revenue, whichever is higher.
3-Pass Detection Pipeline
Multiple layers of detection ensure no PII slips through. Each pass catches what the previous one missed.
Regex
High-precision pattern matching for structured data.
spaCy NER
Named entity recognition for names, orgs, and locations. (Python only)
Ollama LLM
Local LLM-based semantic detection for contextual PII. (opt-in)
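To make the layering concrete, here is a minimal sketch of what the first (regex) pass might look like. The pattern set, token format, and function name are illustrative assumptions, not cloakllm's actual internals:

```python
import re

# Illustrative subset of structured-PII patterns (assumption, not the real list).
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "PHONE": re.compile(r"\+?\d[\d-]{7,}\d"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

def regex_pass(text: str) -> tuple[str, dict[str, str]]:
    """Replace each match with a deterministic [CATEGORY_N] token."""
    token_map: dict[str, str] = {}
    counters: dict[str, int] = {}
    for category, pattern in PATTERNS.items():
        def repl(match: re.Match, cat: str = category) -> str:
            n = counters.get(cat, 0)
            counters[cat] = n + 1
            token = f"[{cat}_{n}]"
            token_map[token] = match.group(0)  # remembered for desanitization
            return token
        text = pattern.sub(repl, text)
    return text, token_map

sanitized, token_map = regex_pass("Email sarah.j@techcorp.io or call +1-555-0142.")
print(sanitized)  # Email [EMAIL_0] or call [PHONE_0].
```

The later passes (spaCy NER, then the optional Ollama check) would then run over the already-tokenized text, each catching entities the earlier passes missed.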
Before sanitization:
Help me write a follow-up email
to Sarah Johnson (sarah.j@techcorp.io)
about the Q3 security audit.
Her direct line is +1-555-0142.

After sanitization:
Help me write a follow-up email
to [PERSON_0] ([EMAIL_0])
about the Q3 security audit.
Her direct line is [PHONE_0].

Everything you need to protect PII
Drop-in middleware that works with your existing LLM stack. No vendor lock-in, no cloud dependencies.
9 Detection Categories
Emails, SSNs, credit cards, phone numbers, API keys, IBANs, JWTs, AWS keys, and IP addresses — all detected out of the box.
Reversible Tokenization
Deterministic [CATEGORY_N] tokens preserve context for the LLM. Desanitize to restore originals in responses.
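The round trip is easy to picture: because tokens are deterministic, the LLM's reply can be mapped back locally. A minimal sketch, where the function name and token map shape are assumptions standing in for whatever cloakllm exposes:

```python
def desanitize(text: str, token_map: dict[str, str]) -> str:
    """Swap each [CATEGORY_N] token back for the original value."""
    for token, original in token_map.items():
        text = text.replace(token, original)
    return text

# The LLM only ever saw the tokens; originals are restored on your side.
token_map = {"[PERSON_0]": "Sarah Johnson", "[PHONE_0]": "+1-555-0142"}
reply = "Call [PERSON_0] at [PHONE_0]."
print(desanitize(reply, token_map))  # Call Sarah Johnson at +1-555-0142.
```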
Tamper-Evident Audit Logs
Hash-chained JSONL entries with SHA-256. No PII stored — just hashes and counts. EU AI Act Article 12 ready.
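Hash chaining itself is a simple technique to illustrate: each entry commits to its predecessor's SHA-256 digest, so editing any past entry breaks every hash after it. The field names below are assumptions, not cloakllm's actual log schema:

```python
import hashlib
import json

GENESIS = "0" * 64  # sentinel hash for the first entry

def append_entry(log: list, counts: dict) -> dict:
    """Append an audit entry; stores detection counts only, never raw PII."""
    prev = log[-1]["hash"] if log else GENESIS
    body = {"counts": counts, "prev": prev}
    body["hash"] = hashlib.sha256(
        json.dumps({"counts": counts, "prev": prev}, sort_keys=True).encode()
    ).hexdigest()
    log.append(body)
    return body

def verify_chain(log: list) -> bool:
    """Recompute every hash; any tampering with a past entry is detected."""
    prev = GENESIS
    for entry in log:
        expected = hashlib.sha256(
            json.dumps({"counts": entry["counts"], "prev": entry["prev"]},
                       sort_keys=True).encode()
        ).hexdigest()
        if entry["prev"] != prev or entry["hash"] != expected:
            return False
        prev = entry["hash"]
    return True
```

In a JSONL file, each of these entries would be one line; verification is a single pass over the file.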
One-Line Integration
cloakllm.enable() wraps LiteLLM (Python) or the OpenAI SDK (JS). Works with Vercel AI SDK middleware too.
Zero Runtime Deps (JS)
The JavaScript SDK has zero runtime dependencies. Just npm install and go. Python uses only spaCy.
Local LLM Detection
Opt-in Ollama integration catches addresses, medical terms, DOBs, and more. Data never leaves your machine.
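As an illustration of how a local pass might talk to Ollama, the sketch below builds a request against Ollama's local REST endpoint. The prompt wording, default model name, and function name are assumptions; only the endpoint shape comes from Ollama's public API:

```python
import json
import urllib.request

def build_detection_request(text: str, model: str = "llama3.2") -> urllib.request.Request:
    """Build a POST to the local Ollama server asking it to flag PII."""
    prompt = (
        "List any personally identifiable information (addresses, medical "
        "terms, dates of birth) found in the text below, as a JSON array.\n\n"
        + text
    )
    payload = {"model": model, "prompt": prompt, "stream": False}
    return urllib.request.Request(
        "http://localhost:11434/api/generate",  # localhost only: data stays on-machine
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
```

Because the endpoint is localhost, the prompt text is never sent over the network to a third party.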
One line to protect your LLM calls
Drop-in middleware for every major LLM framework. No code rewrites needed.
import cloakllm
cloakllm.enable()  # Wraps LiteLLM — all calls are now protected

import litellm
response = litellm.completion(
    model="anthropic/claude-sonnet-4-20250514",
    messages=[{
        "role": "user",
        "content": "Help me email Sarah Johnson (sarah.j@techcorp.io)",
    }],
)

# PII automatically restored in the response
print(response.choices[0].message.content)

Get started in seconds
Install the SDK for your language and start protecting PII immediately.
Python
$ pip install cloakllm
$ python -m spacy download en_core_web_sm

JavaScript / TypeScript
$ npm install cloakllm

MCP Server
$ pip install cloakllm-mcp

SDK Comparison
Three SDKs, same core protection. Pick the one that fits your stack.
| Feature | Python | JavaScript | MCP |
|---|---|---|---|
| Regex PII Detection | ✓ | ✓ | ✓ |
| spaCy NER (PERSON, ORG, GPE) | ✓ | | |
| Ollama LLM Detection (opt-in) | ✓ | | |
| Reversible Tokenization | ✓ | ✓ | ✓ |
| Hash-Chained Audit Logs | ✓ | ✓ | ✓ |
| CLI (scan / verify / stats) | | | |
| Multi-Turn Token Maps | | | |
| Custom Patterns | | | |
| Middleware Integration | LiteLLM | OpenAI / Vercel | Claude Desktop |
| Zero Runtime Dependencies | | ✓ | |