Secrets Detection
This detector looks for API keys, tokens, private keys, JWTs and similar secrets, and replaces them with ****. It makes sure that your prompts do not contain secrets that could be used to perform actions on your behalf.
Tip
Check prerequisites before proceeding further.
Policies
There are currently no policies to tweak for the Secrets Detector. It works automagically.
API
Usage
```python
import os

import requests

endpoint = "https://api.zenguard.ai/v1/detect/secrets"

headers = {
    "x-api-key": os.getenv("ZEN_API_KEY"),
    "Content-Type": "application/json",
}

data = {
    "messages": ["Just use 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 to send the message to LLM"]
}

response = requests.post(endpoint, json=data, headers=headers)
# Surface 4xx/5xx responses (see Error Codes) before reading the JSON body.
response.raise_for_status()
result = response.json()

if result["is_detected"]:
    print("Secrets detected. The damage averted.")
else:
    print("No secrets detected: good job.")

assert result["is_detected"], "Error detecting secrets"
```
Response Example:
```json
{
    "is_detected": true,
    "score": 1.0,
    "sanitized_message": "Just use **** to send the message to LLM."
}
```
- `is_detected` (boolean): Indicates whether a secret was detected in the provided message. In this example, it is True since the prompt contains an API key.
- `score` (float: 0.0 - 1.0): A score representing the certainty of the Secrets detection. Here, it is 1.0.
- `sanitized_message` (string or null): This field contains the sanitized version of the message. In this example the API key was replaced with `****`.
Error Codes:
- `401 Unauthorized`: API key is missing or invalid.
- `400 Bad Request`: Request body is malformed.
- `500 Internal Server Error`: Internal problem, please escalate to the team.
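The following is an added example, not ZenGuard's own code: a fail-closed gate that uses the response fields and error codes above to decide what text may be forwarded to the LLM. `safe_prompt`, `http_post` and `SecretsCheckFailed` are hypothetical names, and treating only HTTP 200 as success is an assumption.

```python
import json
import os
import urllib.error
import urllib.request

ENDPOINT = "https://api.zenguard.ai/v1/detect/secrets"
# Meanings taken from the error-code list on this page.
ERRORS = {
    401: "API key is missing or invalid",
    400: "request body is malformed",
    500: "internal detector error",
}


class SecretsCheckFailed(Exception):
    """The prompt must not be forwarded to the LLM."""


def http_post(payload):
    """Default transport: returns (status_code, parsed JSON body or None)."""
    req = urllib.request.Request(
        ENDPOINT,
        data=json.dumps(payload).encode(),
        headers={"x-api-key": os.getenv("ZEN_API_KEY", ""),
                 "Content-Type": "application/json"},
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None


def safe_prompt(prompt, post=http_post):
    """Return the text that may be sent to the LLM, or raise (fail closed)."""
    status, body = post({"messages": [prompt]})
    if status != 200:  # assumption: only 200 counts as a successful check
        reason = ERRORS.get(status, "unexpected status")
        raise SecretsCheckFailed(f"{status}: {reason}")
    if not isinstance(body, dict) or "is_detected" not in body:
        raise SecretsCheckFailed("response lacks is_detected")
    if not body["is_detected"]:
        return prompt
    sanitized = body.get("sanitized_message")
    if not sanitized:  # field may be null: never fall back to the raw prompt
        raise SecretsCheckFailed("secret detected, no sanitized text returned")
    return sanitized
```

Network failures raise from `urlopen` and are left uncaught, so an unreachable detector also blocks the prompt instead of letting it through unchecked.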
Client
Detect Secrets:
```python
import os

from zenguard import Credentials, Detector, ZenGuard, ZenGuardConfig

api_key = os.environ.get("ZEN_API_KEY")

config = ZenGuardConfig(credentials=Credentials(api_key=api_key))
zenguard = ZenGuard(config=config)

message = "Just use 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 to send the message to LLM"
response = zenguard.detect(detectors=[Detector.SECRETS], prompt=message)

if response.get("is_detected"):
    print("Secrets detected. The damage averted.")
else:
    print("No secrets detected: good job.")

assert response.get("is_detected"), "Error detecting secrets"
```