PII Scanner

Paste text before sending to an LLM to scan locally for emails, API keys, JWTs, IPs, and more. Pre-flight check to reduce leaks.

Privacy: processed locally, never uploaded.

↓ Paste in the input area below to see results instantly

Paste text to scan

Detect emails, API keys, JWTs, IPs, and more. Scanned locally, never uploaded.

2 sensitive match(es) found

Notes

Detection scope

Regex heuristics may false-positive or miss items. Review before sending to an LLM; pair with a redaction tool when needed.

Paste text before sending to an LLM to scan locally for emails, API keys, JWTs, IPs, and more. Pre-flight check to reduce leaks.

Quick start

  1. Paste text

    Scan runs in the browser; nothing is uploaded.

  2. Review matches

    See type, index, and value; redact after manual review.

Limitations

Regex heuristics may false-positive or miss items; not a compliance audit replacement.

Features and use cases

Regex scan for emails, phones, IDs, and similar PII patterns with highlighted matches for redaction.

Use before sending prompts to LLMs, sharing logs, or compliance demos—not enterprise DLP.

Typical Workflow

Before pasting code or logs to LLMs like ChatGPT, scan your text with this tool. The typical workflow: 1) Copy your content 2) Paste into the scanner 3) Review red-highlighted sensitive data 4) Manually redact or remove flagged items. All processing happens locally in your browser.

Particularly useful for developers debugging APIs. For example, checking if error logs leak AWS_ACCESS_KEY_ID, or verifying if code snippets shared with AI assistants contain test emails. After scanning, double-click highlighted areas to quickly select them for replacement with placeholders like 'REDACTED'.

FAQ

Auto redact?

Highlights only; pair with a redaction tool or edit manually.

What types of sensitive information can it detect?

Currently detects emails, API keys (e.g. OpenAI keys starting with sk_), JWT tokens, credit card number patterns, and IPv4 addresses. Uses regex to match common patterns but won't catch encoded or fragmented sensitive data. For secrets management, consider combining with dedicated secret scanning tools.