Protect internal copilots
Internal copilots see employee-pasted content: customer records, logs, secret tokens, API keys. Privian masks them before the LLM sees the prompt.
Why a gateway helps
- Employees paste raw data without thinking about provider terms.
- Secret tokens (OpenAI keys, GitHub PATs, AWS keys, JWTs) frequently slip into prompts.
- A single chokepoint is easier to audit and update than every internal tool.
What Privian masks for you
- Provider-shaped secrets:
OPENAI_API_KEY,GITHUB_TOKEN,AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY,JWT. - Generic and env-style secrets:
SECRET_TOKEN,ENV_SECRET,GENERIC_API_KEY. - Personal data:
PERSON,EMAIL,PHONE,IP_ADDRESS. - Financial:
CREDIT_CARD,IBAN. - National IDs:
SSN_US,SIN_CA.
See PII Masking for the full list and validator rules.
Wiring
ts
// Internal copilot server → Privian gateway → provider
async function copilot(userPrompt: string) {
const res = await fetch("https://api.privian.io/v1/gateway", {
method: "POST",
headers: {
Authorization: `Bearer ${process.env.PRIVIAN_API_KEY!}`,
"Content-Type": "application/json",
},
body: JSON.stringify({
prompt: userPrompt,
model: "anthropic/claude-sonnet-4.5",
}),
});
const { response, meta } = await res.json();
// Log meta.entitiesDetected to your own SIEM, never the raw prompt.
return response;
}What employees see
Because rehydration restores original values in the response, the copilot's reply still references the names, emails, or tokens the employee pasted. The LLM provider, however, only ever saw placeholders.
Limitations
- The beta does not enforce organisation-wide policy (e.g. "always reject prompts with detected secrets"); it masks but does not refuse.
- Free-form descriptions ("my CTO's home address") are not detected.