<p align="center">
- <img src="assets/wordmark-light.svg" width="220" height="44" alt="PasteGuard">
+ <picture>
+ <source media="(prefers-color-scheme: dark)" srcset="assets/wordmark-dark.svg">
+ <source media="(prefers-color-scheme: light)" srcset="assets/wordmark-light.svg">
+ <img src="assets/wordmark-light.svg" width="220" height="44" alt="PasteGuard">
+ </picture>
</p>
<p align="center">
<a href="https://github.com/sgasser/pasteguard/actions/workflows/ci.yml"><img src="https://github.com/sgasser/pasteguard/actions/workflows/ci.yml/badge.svg" alt="CI"></a>
<a href="LICENSE"><img src="https://img.shields.io/badge/License-Apache%202.0-blue.svg" alt="License"></a>
+ <a href="https://github.com/sgasser/pasteguard/releases"><img src="https://img.shields.io/github/v/release/sgasser/pasteguard" alt="Release"></a>
</p>
<p align="center">
- Privacy proxy for OpenAI and Anthropic. Masks personal data and secrets before they reach the API.
+ <strong>AI gets the context. Not your secrets.</strong><br>
+ Automatically hides names, emails, and API keys before you send prompts to AI.
</p>
<p align="center">
<a href="#quick-start"><strong>Quick Start</strong></a> ·
- <a href="https://pasteguard.com/docs"><strong>Documentation</strong></a> ·
- <a href="https://pasteguard.com/docs/integrations"><strong>Integrations</strong></a>
+ <a href="#chat"><strong>Chat</strong></a> ·
+ <a href="#coding-tools"><strong>Coding Tools</strong></a> ·
+ <a href="https://pasteguard.com/docs"><strong>Documentation</strong></a>
</p>
<br/>
-<img src="assets/demo.gif" width="100%" alt="PasteGuard Demo">
+<picture>
+ <source media="(prefers-color-scheme: dark)" srcset="assets/comparison-dark.png">
+ <source media="(prefers-color-scheme: light)" srcset="assets/comparison.png">
+ <img src="assets/comparison.png" width="100%" alt="PasteGuard — Without vs. With: masks names, emails, and API keys before they reach AI">
+</picture>
-## What is PasteGuard?
-
-PasteGuard is a privacy proxy that masks personal data and secrets before they reach OpenAI or Anthropic.
-
-```
-You send: "Email Dr. Sarah Chen at sarah@hospital.org"
-LLM sees: "Email [[PERSON_1]] at [[EMAIL_ADDRESS_1]]"
-You get: Response with original names restored
-```
-
-**Two ways to protect your data:**
-
-- **Mask Mode** — Replace PII with placeholders, send to OpenAI or Anthropic, restore in response. No local infrastructure needed.
-- **Route Mode** — Send PII requests to a local LLM (Ollama, vLLM, llama.cpp), everything else to OpenAI or Anthropic. Data never leaves your network.
-
-Just change one URL to start protecting your data.
-
-## Browser Extension (Beta)
-
-An open source browser extension that brings PasteGuard protection to ChatGPT, Claude, Gemini, Copilot, and Perplexity.
+<p align="center">
+ Detects 30+ types of sensitive data across 24 languages.<br>
+ Your data never leaves your machine.
+</p>
-- Paste customer data → PII is masked before it reaches the AI
-- You see the original, AI sees `[[PERSON_1]]`, `[[EMAIL_1]]`
+## Works Everywhere
-Open source (Apache 2.0). Built in public — early feedback shapes the product.
+**[Chat](https://pasteguard.com/docs/use-cases/chat)** — Masks PII and secrets when you paste into ChatGPT, Claude, and Gemini. You see originals, AI sees placeholders.
-**[Join the Beta →](https://tally.so/r/J9pNLr)**
+**[Apps](https://pasteguard.com/docs/use-cases/apps)** — Open WebUI, LibreChat, or any self-hosted AI setup. Optionally routes sensitive requests to a local model.
-## Features
+**[Coding Tools](https://pasteguard.com/docs/use-cases/coding-tools)** — Cursor, Claude Code, Copilot, Windsurf — your codebase context flows to the provider. PasteGuard masks secrets and PII before they leave.
-- **PII Detection** — Names, emails, phone numbers, credit cards, IBANs, and more
-- **Secrets Detection** — API keys, tokens, private keys caught before they reach OpenAI or Anthropic
-- **Streaming Support** — Real-time unmasking as tokens arrive
-- **24 Languages** — English, German, French, and 21 more
-- **OpenAI** — Works with OpenAI and compatible APIs (Azure, OpenRouter, Groq, Together AI, etc.)
-- **Anthropic** — Native Claude support, works with Claude Code
-- **Self-Hosted** — Your servers, your data stays yours
-- **Open Source** — Apache 2.0 license
-- **Dashboard** — See every protected request in real-time
+**[API Integration](https://pasteguard.com/docs/use-cases/api-integration)** — Sits between your code and OpenAI or Anthropic. Change one URL, your users' data stays protected.
## Quick Start
+Run PasteGuard as a local proxy:
+
```bash
docker run --rm -p 3000:3000 ghcr.io/sgasser/pasteguard:en
```
-Point your app to PasteGuard:
+Point your tools or app to PasteGuard instead of the provider:
| API | PasteGuard URL | Original URL |
|----------|----------------|--------------|
| OpenAI | `http://localhost:3000/openai/v1` | `https://api.openai.com/v1` |
| Anthropic | `http://localhost:3000/anthropic` | `https://api.anthropic.com` |
-Dashboard: [http://localhost:3000/dashboard](http://localhost:3000/dashboard)
-
-<img src="assets/dashboard.png" width="100%" alt="PasteGuard Dashboard">
+```python
+# One line to protect your data
+client = OpenAI(base_url="http://localhost:3000/openai/v1")
+```
-### European Languages
+<details>
+<summary><strong>European Languages</strong></summary>
For German, Spanish, French, Italian, Dutch, Polish, Portuguese, and Romanian:
For custom config, persistent logs, or other languages: **[Read the docs →](https://pasteguard.com/docs/installation)**
-## Integrations
+</details>
+
+<details>
+<summary><strong>Route Mode</strong></summary>
+
+Route Mode sends requests containing sensitive data to a local LLM (Ollama, vLLM, llama.cpp). Everything else goes to OpenAI or Anthropic. Sensitive data stays on your network.
+
+**[Route Mode docs →](https://pasteguard.com/docs/concepts/route-mode)**
+
+</details>
-Works with OpenAI, Anthropic, and compatible tools:
+## Chat
-- OpenAI SDK (Python/JS)
-- Anthropic SDK / Claude Code
-- LangChain
-- LlamaIndex
-- Cursor
-- Open WebUI
-- LibreChat
+Open-source browser extension for ChatGPT, Claude, and Gemini.
-**[See all integrations →](https://pasteguard.com/docs/integrations)**
+- Paste customer data → masked before it reaches the AI
+- AI responds with placeholders → you see the originals
+- Works with the same detection engine as the proxy
-## What It Detects
+Currently in beta. Apache 2.0.
-**PII** (powered by [Microsoft Presidio](https://microsoft.github.io/presidio/))
-- Names
-- Emails
-- Phone numbers
-- Credit cards
-- IBANs
-- IP addresses
-- Locations
+**[Join the Beta →](https://tally.so/r/J9pNLr)** · **[Chat docs →](https://pasteguard.com/docs/use-cases/chat)**
-**Secrets**
-- OpenSSH private keys
-- PEM private keys
-- API keys with sk- or sk_ prefix (OpenAI, Anthropic, Stripe, etc.)
-- AWS access keys
-- GitHub tokens
-- JWT tokens
-- Bearer tokens
+## Coding Tools
+
+Protect your codebase context and secrets when using AI coding assistants.
+
+**Claude Code:**
+
+```bash
+ANTHROPIC_BASE_URL=http://localhost:3000/anthropic claude
+```
+
+**Cursor:** Settings → Models → Enable "Override OpenAI Base URL" → `http://localhost:3000/openai/v1`
+
+**[Coding Tools docs →](https://pasteguard.com/docs/use-cases/coding-tools)**
+
+## Dashboard
+
+Every request is logged with masking details. See what was detected, what was masked, and what reached the provider.
+
+<img src="assets/dashboard.png" width="100%" alt="PasteGuard Dashboard">
+
+[localhost:3000/dashboard](http://localhost:3000/dashboard)
+
+## What it catches
+
+**Personal data** — Names, emails, phone numbers, credit cards, IBANs, IP addresses, locations. Powered by [Microsoft Presidio](https://microsoft.github.io/presidio/). 24 languages.
+
+**Secrets** — API keys (OpenAI, Anthropic, Stripe, AWS, GitHub), SSH and PEM private keys, JWT tokens, bearer tokens, passwords, connection strings.
+
+Both detected and masked in real time, including streaming responses.
## Tech Stack
[Bun](https://bun.sh) · [Hono](https://hono.dev) · [Microsoft Presidio](https://microsoft.github.io/presidio/) · SQLite
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on how to contribute.
+
## License
[Apache 2.0](LICENSE)
description: POST /anthropic/v1/messages
---
-# Anthropic Endpoint
-
Generate messages with automatic PII and secrets protection using the Anthropic Messages API.
```
description: Request logs and statistics
---
-# Dashboard API
-
The dashboard provides an API for accessing request logs and statistics.
## Logs
description: POST /api/mask
---
-# Mask API
-
Standalone endpoint for masking PII and secrets in text. Use this endpoint when you need to mask text independently of LLM provider proxies.
```
description: POST /openai/v1/chat/completions
---
-# OpenAI Endpoint
-
Generate chat completions with automatic PII and secrets protection.
```
description: Health check and info endpoints
---
-# Status Endpoints
-
## Health Check
Check if PasteGuard and its dependencies are running.
description: Replace PII with placeholders before sending to OpenAI or Anthropic
---
-# Mask Mode
-
Mask mode replaces PII with placeholders before sending to OpenAI or Anthropic. The response is automatically unmasked before returning to you.
## How It Works
description: Personal data detection powered by Microsoft Presidio
---
-# PII Detection
-
PasteGuard uses Microsoft Presidio for PII detection, supporting 24 languages with automatic language detection.
## Supported Entities
description: Route PII requests to a local LLM
---
-# Route Mode
-
Route mode sends requests containing PII to a local LLM. Requests without PII go to OpenAI or Anthropic.
## How It Works
description: Detect and protect private keys, API keys, tokens, and environment credentials
---
-# Secrets Detection
-
PasteGuard detects secrets before PII detection and can block, mask, or route requests containing sensitive credentials.
## Supported Secret Types
description: Configure request logging
---
-# Logging Configuration
-
```yaml
logging:
database: ./data/pasteguard.db
description: Configuration basics
---
-# Configuration Overview
-
PasteGuard is configured via `config.yaml`. Copy from the example:
```bash
description: Configure PII detection settings
---
-# PII Detection Configuration
-
```yaml
pii_detection:
presidio_url: http://localhost:5002
description: Configure OpenAI, Anthropic, and local LLM endpoints
---
-# Providers
-
Configure endpoints for OpenAI, Anthropic, and local LLMs.
## OpenAI Provider
description: Configure detection of private keys, API keys, tokens, and environment credentials
---
-# Secrets Detection Configuration
-
```yaml
secrets_detection:
enabled: true
description: Docker images and deployment options
---
-# Installation
-
PasteGuard provides prebuilt Docker images for quick deployment. No build step required.
## Docker Image
+++ /dev/null
----
-title: Integrations
-description: Use PasteGuard with IDEs, chat interfaces, and SDKs
----
-
-# Integrations
-
-PasteGuard drops into your existing workflow. Point your tools to PasteGuard and every request gets PII protection automatically.
-
-| API | PasteGuard URL |
-|----------|----------------|
-| OpenAI | `http://localhost:3000/openai/v1` |
-| Anthropic | `http://localhost:3000/anthropic` |
-
-## AI Coding Assistants
-
-### Claude Code
-
-Protect your prompts when using Claude Code. One environment variable, full PII protection:
-
-```bash
-ANTHROPIC_BASE_URL=http://localhost:3000/anthropic claude
-```
-
-Customer names, emails, and sensitive data in your codebase stay private.
-
-### Cursor
-
-Add PII protection to your Cursor workflow:
-
-1. Open **Settings** → **Models**
-2. Scroll to **API Keys** section
-3. Enable **Override OpenAI Base URL** toggle
-4. Enter: `http://localhost:3000/openai/v1`
-5. Add your OpenAI API key
-
-Every code completion and chat message now goes through PasteGuard.
-
-## Chat Interfaces
-
-### Open WebUI
-
-Self-host your chat interface with built-in privacy:
-
-```bash
-OPENAI_API_BASE_URL=http://localhost:3000/openai/v1
-```
-
-<Note>In Docker Compose, use the service name instead of `localhost` (e.g., `http://pasteguard:3000/openai/v1`).</Note>
-
-### LibreChat
-
-Add PasteGuard as a custom endpoint:
-
-```yaml
-version: 1.2.8
-cache: true
-endpoints:
- custom:
- - name: "PasteGuard"
- apiKey: "${OPENAI_API_KEY}" # Your API key, forwarded to OpenAI
- baseURL: "http://localhost:3000/openai/v1"
- models:
- default: ["gpt-5.2"]
- fetch: true
- titleConvo: true
- titleModel: "gpt-5.2"
-```
-
-## SDKs
-
-### Anthropic SDK
-
-<CodeGroup>
-
-```python Python
-from anthropic import Anthropic
-
-client = Anthropic(
- base_url="http://localhost:3000/anthropic"
-)
-```
-
-```javascript JavaScript
-import Anthropic from '@anthropic-ai/sdk';
-
-const client = new Anthropic({
- baseURL: 'http://localhost:3000/anthropic'
-});
-```
-
-</CodeGroup>
-
-### OpenAI SDK
-
-<CodeGroup>
-
-```python Python
-from openai import OpenAI
-
-client = OpenAI(
- base_url="http://localhost:3000/openai/v1"
-)
-```
-
-```javascript JavaScript
-import OpenAI from 'openai';
-
-const client = new OpenAI({
- baseURL: 'http://localhost:3000/openai/v1'
-});
-```
-
-</CodeGroup>
-
-### LangChain
-
-```python
-from langchain_openai import ChatOpenAI
-
-llm = ChatOpenAI(
- base_url="http://localhost:3000/openai/v1"
-)
-```
-
-### LlamaIndex
-
-```python
-from llama_index.llms.openai_like import OpenAILike
-
-llm = OpenAILike(
- api_base="http://localhost:3000/openai/v1",
- model="gpt-5.2",
- is_chat_model=True
-)
-```
-
-## Environment Variables
-
-Most tools respect the standard environment variables:
-
-```bash
-# OpenAI-compatible tools
-export OPENAI_API_BASE=http://localhost:3000/openai/v1
-
-# Anthropic tools
-export ANTHROPIC_BASE_URL=http://localhost:3000/anthropic
-```
-
-## Verify It Works
-
-Check the response headers to confirm PasteGuard is processing requests:
-
-```bash
-curl -i http://localhost:3000/openai/v1/chat/completions \
- -H "Authorization: Bearer $OPENAI_API_KEY" \
- -H "Content-Type: application/json" \
- -d '{"model": "gpt-5.2", "messages": [{"role": "user", "content": "Hi"}]}'
-```
-
-Look for:
-```
-X-PasteGuard-Mode: mask
-X-PasteGuard-Provider: openai
-```
---
title: Introduction
-description: Privacy proxy for OpenAI and Anthropic
+description: AI gets the context. Not your secrets. Open-source privacy proxy for OpenAI, Anthropic, and any AI.
---
-PasteGuard masks personal data and secrets before they reach OpenAI or Anthropic.
+PasteGuard automatically hides names, emails, and API keys before you send prompts to AI. Your data never leaves your machine.
-```
-You send: "Email Dr. Sarah Chen at sarah@hospital.org"
-LLM sees: "Email [[PERSON_1]] at [[EMAIL_ADDRESS_1]]"
-You get: Response with original names restored
-```
-
-PasteGuard sits between your app and the API:
+Detects 30+ types of sensitive data across 24 languages.
<Frame>
- <img src="/images/demo.gif" alt="PasteGuard Demo" />
+ <img className="block dark:hidden" src="/images/comparison-light.png" alt="PasteGuard Comparison" />
+ <img className="hidden dark:block" src="/images/comparison-dark.png" alt="PasteGuard Comparison" />
</Frame>
-Two privacy modes:
+## Works Everywhere
+
+<CardGroup cols={2}>
+ <Card title="Chat" icon="comment" href="/use-cases/chat">
+ ChatGPT, Claude, Gemini
+ </Card>
+ <Card title="Apps" icon="table-columns" href="/use-cases/apps">
+ Open WebUI, LibreChat
+ </Card>
+ <Card title="Coding Tools" icon="code" href="/use-cases/coding-tools">
+ Cursor, Claude Code, Copilot, Windsurf
+ </Card>
+ <Card title="API Integration" icon="plug" href="/use-cases/api-integration">
+ OpenAI SDK, Anthropic SDK, LangChain
+ </Card>
+</CardGroup>
+
+## Two Privacy Modes
| Mode | How it works |
|------|--------------|
| **Mask** | Replace PII with placeholders, send to OpenAI or Anthropic, restore in response |
| **Route** | PII requests stay on your local LLM (Ollama, vLLM, llama.cpp), others go to OpenAI or Anthropic |
-## Browser Extension (Beta)
-
-An open source browser extension that brings PasteGuard protection to ChatGPT, Claude, Gemini, Copilot, and Perplexity.
-
-- Paste customer data → PII is masked before it reaches the AI
-- You see the original, AI sees `[[PERSON_1]]`, `[[EMAIL_1]]`
-
-Open source (Apache 2.0). Built in public — early feedback shapes the product.
-
-<Card title="Join the Beta" icon="flask" href="https://tally.so/r/J9pNLr">
- Get early access to the browser extension
-</Card>
-
-## Features
-
-- **PII Detection** — Names, emails, phone numbers, credit cards, IBANs, and more
-- **Secrets Detection** — API keys, tokens, private keys caught before they reach OpenAI or Anthropic
-- **Streaming Support** — Real-time unmasking as tokens arrive
-- **24 Languages** — English, German, French, and 21 more
-- **OpenAI** — Works with OpenAI and compatible APIs (Azure, OpenRouter, Groq, Together AI, etc.)
-- **Anthropic** — Native Claude support, works with Claude Code
-- **Self-Hosted** — Your servers, your data stays yours
-- **Open Source** — Apache 2.0 license
-- **Dashboard** — See every protected request in real-time
+PasteGuard runs on your servers. Personal data never leaves your infrastructure, and the LLM provider never sees real names, emails, or secrets.
## Next Steps
<CardGroup cols={2}>
<Card title="Quickstart" icon="rocket" href="/quickstart">
- Get running in 2 minutes
- </Card>
- <Card title="Mask Mode" icon="eye-slash" href="/concepts/mask-mode">
- Replace PII with placeholders
- </Card>
- <Card title="Route Mode" icon="code-branch" href="/concepts/route-mode">
- Route PII to local LLM
+ Run PasteGuard as a local proxy
</Card>
<Card title="Configuration" icon="gear" href="/configuration/overview">
- Customize your setup
+ Customize detection and providers
</Card>
</CardGroup>
"navigation": [
{
"group": "Getting Started",
- "pages": ["introduction", "quickstart", "installation", "integrations"]
+ "pages": ["introduction", "quickstart", "installation"]
+ },
+ {
+ "group": "Use Cases",
+ "pages": [
+ "use-cases/chat",
+ "use-cases/apps",
+ "use-cases/coding-tools",
+ "use-cases/api-integration"
+ ]
},
{
"group": "Concepts",
---
title: Quickstart
-description: Get PasteGuard running in 2 minutes
+description: Run PasteGuard as a local proxy
---
-# Quickstart
-
## 1. Start PasteGuard
```bash
For custom configuration, European languages, or persistent logs, see [Installation](/installation).
</Note>
-## 2. Make a Request
-
-Point your OpenAI client to PasteGuard:
-
-<CodeGroup>
-
-```python Python
-from openai import OpenAI
+## 2. API Endpoints
-client = OpenAI(
- base_url="http://localhost:3000/openai/v1",
- api_key="your-openai-key"
-)
-
-response = client.chat.completions.create(
- model="gpt-5.2",
- messages=[
- {"role": "user", "content": "Write a follow-up email to Dr. Sarah Chen (sarah.chen@hospital.org)"}
- ]
-)
-
-print(response.choices[0].message.content)
-```
+Point your tools or SDKs to PasteGuard:
-```javascript JavaScript
-import OpenAI from 'openai';
+| API | PasteGuard URL |
+|----------|----------------|
+| OpenAI | `http://localhost:3000/openai/v1` |
+| Anthropic | `http://localhost:3000/anthropic` |
-const client = new OpenAI({
- baseURL: 'http://localhost:3000/openai/v1',
- apiKey: 'your-openai-key'
-});
+## 3. Verify It Works
-const response = await client.chat.completions.create({
- model: 'gpt-5.2',
- messages: [
- { role: 'user', content: 'Write a follow-up email to Dr. Sarah Chen (sarah.chen@hospital.org)' }
- ]
-});
+Send a test request and check the response headers:
-console.log(response.choices[0].message.content);
-```
-
-```bash cURL
-curl http://localhost:3000/openai/v1/chat/completions \
+```bash
+curl -i http://localhost:3000/openai/v1/chat/completions \
-H "Authorization: Bearer $OPENAI_API_KEY" \
-H "Content-Type: application/json" \
- -d '{
- "model": "gpt-5.2",
- "messages": [
- {"role": "user", "content": "Write a follow-up email to Dr. Sarah Chen (sarah.chen@hospital.org)"}
- ]
- }'
+ -d '{"model": "gpt-5.2", "messages": [{"role": "user", "content": "Write a follow-up email to Dr. Sarah Chen (sarah.chen@hospital.org)"}]}'
```
-</CodeGroup>
-
-## 3. Verify PII Protection
-
-Check the response headers:
-
+Look for:
```
X-PasteGuard-PII-Detected: true
X-PasteGuard-PII-Masked: true
<img src="/images/dashboard.png" alt="PasteGuard Dashboard" />
</Frame>
-## What's Next?
+## Now Configure Your Tool
<CardGroup cols={2}>
- <Card title="Installation" icon="download" href="/installation">
- Docker images and language options
+ <Card title="Chat" icon="comment" href="/use-cases/chat">
+ ChatGPT, Claude, Gemini
</Card>
- <Card title="Mask Mode" icon="eye-slash" href="/concepts/mask-mode">
- How PII masking works
+ <Card title="Apps" icon="table-columns" href="/use-cases/apps">
+ Open WebUI, LibreChat
</Card>
- <Card title="Route Mode" icon="code-branch" href="/concepts/route-mode">
- Route sensitive requests locally
+ <Card title="Coding Tools" icon="code" href="/use-cases/coding-tools">
+ Cursor, Claude Code, Copilot, Windsurf
</Card>
- <Card title="Configuration" icon="gear" href="/configuration/overview">
- Customize detection and providers
+ <Card title="API Integration" icon="plug" href="/use-cases/api-integration">
+ OpenAI SDK, Anthropic SDK, LangChain
</Card>
</CardGroup>
--- /dev/null
+---
+title: API Integration
+sidebarTitle: API Integration
+description: Mask PII in your AI-powered application with OpenAI, Anthropic, LangChain, and LlamaIndex
+---
+
+Point your SDK to PasteGuard instead of the provider directly. Every request gets PII and secrets protection automatically.
+
+## OpenAI SDK
+
+<CodeGroup>
+
+```python Python
+from openai import OpenAI
+
+client = OpenAI(
+ base_url="http://localhost:3000/openai/v1"
+)
+```
+
+```javascript JavaScript
+import OpenAI from 'openai';
+
+const client = new OpenAI({
+ baseURL: 'http://localhost:3000/openai/v1'
+});
+```
+
+</CodeGroup>
+
+## Anthropic SDK
+
+<CodeGroup>
+
+```python Python
+from anthropic import Anthropic
+
+client = Anthropic(
+ base_url="http://localhost:3000/anthropic"
+)
+```
+
+```javascript JavaScript
+import Anthropic from '@anthropic-ai/sdk';
+
+const client = new Anthropic({
+ baseURL: 'http://localhost:3000/anthropic'
+});
+```
+
+</CodeGroup>
+
+## LangChain
+
+```python
+from langchain_openai import ChatOpenAI
+
+llm = ChatOpenAI(
+ base_url="http://localhost:3000/openai/v1"
+)
+```
+
+## LlamaIndex
+
+```python
+from llama_index.llms.openai_like import OpenAILike
+
+llm = OpenAILike(
+ api_base="http://localhost:3000/openai/v1",
+ model="gpt-5.2",
+ is_chat_model=True
+)
+```
--- /dev/null
+---
+title: Apps
+sidebarTitle: Apps
+description: Protect data in Open WebUI, LibreChat, and other self-hosted AI setups
+---
+
+PasteGuard sits between your self-hosted chat interface and the LLM provider. Users interact with Open WebUI, LibreChat, or similar tools — PasteGuard handles privacy automatically in the background.
+
+## Open WebUI
+
+Point Open WebUI to PasteGuard instead of OpenAI directly:
+
+```bash
+OPENAI_API_BASE_URL=http://localhost:3000/openai/v1
+```
+
+<Note>In Docker Compose, use the service name instead of `localhost` (e.g., `http://pasteguard:3000/openai/v1`).</Note>
+
+## LibreChat
+
+Add PasteGuard as a custom endpoint in your LibreChat configuration:
+
+```yaml
+version: 1.2.8
+cache: true
+endpoints:
+ custom:
+ - name: "PasteGuard"
+ apiKey: "${OPENAI_API_KEY}" # Your API key, forwarded to OpenAI
+ baseURL: "http://localhost:3000/openai/v1"
+ models:
+ default: ["gpt-5.2"]
+ fetch: true
+ titleConvo: true
+ titleModel: "gpt-5.2"
+```
+
+## Mask Mode vs Route Mode
+
+Self-hosted setups can use either privacy mode depending on your requirements:
+
+| Mode | Best for | How it works |
+|------|----------|--------------|
+| **Mask** | Teams using cloud LLMs (OpenAI, Anthropic) | Replaces PII with placeholders, sends to cloud provider, restores in response |
+| **Route** | Teams with a local LLM (Ollama, vLLM) | Requests containing PII stay on your local LLM, others go to the cloud provider |
+
+Route Mode requires a local LLM provider configured in `config.yaml`. See [Route Mode](/concepts/route-mode) for setup details.
+
+Mask Mode works out of the box with any provider. See [Mask Mode](/concepts/mask-mode) for how masking and unmasking works.
+
+## API Endpoints
+
+| API | PasteGuard URL |
+|----------|----------------|
+| OpenAI | `http://localhost:3000/openai/v1` |
+| Anthropic | `http://localhost:3000/anthropic` |
--- /dev/null
+---
+title: Chat
+sidebarTitle: Chat
+description: Mask PII when pasting into ChatGPT, Claude, and Gemini
+---
+
+Paste customer data into ChatGPT — the AI sees `[[PERSON_1]]` and `[[EMAIL_ADDRESS_1]]`. When you copy the response, placeholders are replaced with the originals.
+
+## Supported Platforms
+
+- ChatGPT (chatgpt.com)
+- Claude (claude.ai)
+- Google Gemini (gemini.google.com)
+
+## How It Works
+
+1. **Paste** — You paste text containing PII into the chat input
+2. **Mask** — The extension detects and masks PII via your local PasteGuard server
+3. **Chat** — The masked text is inserted into the chat. The AI only sees placeholders.
+4. **Copy** — When you copy the AI's response, placeholders are replaced with the original values
+
+Placeholder numbering stays consistent across messages in the same conversation. Streamed responses are highlighted in real-time.
+
+## Requirements
+
+The extension needs PasteGuard running locally:
+
+```bash
+docker run --rm -p 3000:3000 ghcr.io/sgasser/pasteguard:en
+```
+
+See [Quickstart](/quickstart) for setup details.
+
+## Beta
+
+The browser extension is in beta. Open source (Apache 2.0).
+
+<Card title="Join the Beta" icon="flask" href="https://tally.so/r/J9pNLr">
+ Get early access to the browser extension
+</Card>
--- /dev/null
+---
+title: Coding Tools
+description: Protect your codebase context and secrets in Claude Code, Cursor, and other AI coding assistants
+---
+
+PasteGuard protects your codebase when you use AI coding assistants. Config files with database credentials, customer data in test fixtures, API keys in environment files — all masked before reaching the provider.
+
+## What Gets Detected
+
+- **Secrets** — API keys, private keys, database passwords, tokens in config files and `.env` files
+- **PII** — Customer names, emails, phone numbers in code comments, test data, or log output
+
+PII detection supports [24 languages](/installation). Full entity lists: [PII Detection](/concepts/pii-detection), [Secrets Detection](/concepts/secrets-detection).
+
+## Claude Code
+
+One environment variable:
+
+```bash
+ANTHROPIC_BASE_URL=http://localhost:3000/anthropic claude
+```
+
+To make it permanent, add to your shell profile:
+
+```bash
+export ANTHROPIC_BASE_URL=http://localhost:3000/anthropic
+```
+
+## Cursor
+
+1. Open **Settings** → **Models**
+2. Scroll to **API Keys** section
+3. Enable **Override OpenAI Base URL** toggle
+4. Enter: `http://localhost:3000/openai/v1`
+5. Add your OpenAI API key
+
+## Environment Variables
+
+Most AI coding tools respect the standard environment variables:
+
+```bash
+# OpenAI-compatible tools
+export OPENAI_API_BASE=http://localhost:3000/openai/v1
+
+# Anthropic tools (Claude Code, etc.)
+export ANTHROPIC_BASE_URL=http://localhost:3000/anthropic
+```
+
+## API Endpoints
+
+| API | PasteGuard URL |
+|----------|----------------|
+| OpenAI | `http://localhost:3000/openai/v1` |
+| Anthropic | `http://localhost:3000/anthropic` |
git.99rst.org / sgasser-llm-shield.git / commitdiff
