Redactr scrubs secrets and PII out of every AI request before it leaves your machine. API keys, credentials, customer records: redacted before Claude, Copilot or ChatGPT ever see them.
One command to install. No code leaves your control.
No more deleting keys before every prompt. Point your AI at real files and keep working. Redactr cleans each request on the way out.
Let your team use the tools that make them fast, without it becoming a credential leak or a customer-data incident.
Keep PII out of third-party AI tools and get a metadata-only audit trail. The control and the evidence you need for GDPR, HIPAA and PCI reviews.
Every prompt carries whatever's in the open file. A key here, a customer record there. The tools are too useful to drop and too quiet to trust blindly, and right now nobody can see what's leaving the building.
A hardcoded API key, a database URL, a private key someone committed two years ago. They travel with the context on every prompt, whether you meant to send them or not.
A name in a test fixture, an email in a log line, an SSN in the row you're debugging. Once it's in someone else's logs, "we won't train on it" is not an answer you can give an auditor under GDPR, HIPAA or PCI.
Which developers, which tools, which data, how often? There's no log and no number. You can't fix what you can't see.
Redactr sits between your AI tools and the model. It reads each outbound request, redacts the secrets and PII, and forwards the rest in milliseconds. Your AI still gets the code it needs to help. It just never sees the parts that should stay home.
Emails, card numbers, SSNs, tokens and IDs that always look the same.
Fresh API keys match no pattern. Redactr flags strings too random to be anything but a secret.
Catches names, addresses and other PII by how they're used, not just how they look.
The free Community edition runs Layers 1-2 (regex + entropy). Layer 3 (context-aware ML) and the benchmarks below are Redactr Enterprise.
It works in the background. You get a green light and keep coding. Your security team gets answers it never had before.
Catches the obvious secrets and the ones that don't look like anything, without stripping the context your AI needs. Free does regex + entropy; context-aware ML is Enterprise.
Each AI agent runs in a sealed container that can only reach the world through Redactr. A sketchy dependency stays boxed in.
Set policy once, sign it, push it to every device. It applies automatically and keeps working even if the server is unreachable.
See how many machines are protected right now, and get flagged the moment a tool talks to a provider outside the proxy.
Policies are cryptographically signed, so one misconfigured or compromised device can't quietly weaken your protection.
Type redactr run claude and you're protected. Nothing new to learn.
Credentials, keys and customer data are the things that turn into incidents. Redactr is built to catch those, and to get better over time.
Enterprise: These figures measure Redactr Enterprise's layered detection. The free Community edition does regex + entropy (no ML), so these benchmarks don't apply to it.
No scanner catches everything, and anyone who says theirs hits 100% is selling you something. Redactr is a very good seatbelt, not a force field: it turns an invisible, unmeasured leak into something you can see and steadily tighten. (Figures above are from our own testing of Redactr Enterprise on public PII datasets; the free edition runs regex + entropy and isn't covered. Full method on the blog.)
The server learns that "an AWS key was redacted on this machine" and nothing else. Not the code, not the traffic, not the redacted values themselves. Security gets the visibility to enforce policy. Developers keep their privacy. And when an auditor asks what leaves your network for AI, you have a real control and a log to point to.
The redaction proxy, running entirely on your machine. One command to install.
Apple Silicon & Intel · Homebrew picks the right build.
Unzip the download, then run that from the folder.
Extract the tar.gz for your chip, then run that.
One-time setup: the first run prints a sudo line to trust the local CA. Approve it once and every tool is protected. Also available: redactr enable for system-wide protection (GUI tools + every CLI) and redactr scan <dir> to find secrets in your files.
Everything in Community, plus the detection, isolation, and team control a fleet needs.