Agentic Trace Scrubbing: PII and Secret Masking

Security · updated Wed Feb 25

Preventing sensitive data leaks in agent logs and context windows.

Steps

  1. Pre-process tool outputs to detect PII (emails, keys, tokens).
  2. Mask sensitive fields in 'Agent Observations' before context entry.
  3. Maintain separate 'Raw' and 'Redacted' log views for developers.
  4. Implement an 'Entropy Filter' to detect potential secret leaks.
  5. Auto-purge session traces upon final goal achievement.

view raw JSON →