Everyone says don't send personal data to cloud LLMs. But when you're working with customer emails, support tickets, or code with credentials — it's hard to avoid.

So I built a proxy that handles it for you — it's open source and free.

How it works:

  You send:        "Email john@acme.com about meeting Sarah Miller"
  LLM receives:    "Email [[EMAIL_1]] about meeting [[PERSON_1]]"
  LLM responds:    "Dear [[PERSON_1]], I wanted to follow up..."
  You get back:    "Dear Sarah Miller, I wanted to follow up..."

PasteGuard finds personal data and secrets in your prompt, swaps them with placeholders, and restores the real values in the response. The LLM never sees the actual data.

What it catches: - PII: Names, emails, phones, credit cards, IBANs, IPs (24 languages) - Secrets: API keys (OpenAI, Anthropic, AWS, GitHub), JWTs, SSH keys

Works with both OpenAI and Anthropic APIs. Point your app to localhost:3000/openai/v1 or localhost:3000/anthropic/v1. Compatible with LangChain, Cursor, Claude Code, Open WebUI.

One command to run:

  docker run -p 3000:3000 ghcr.io/sgasser/pasteguard:en

Happy to answer questions.