Data & Privacy

How secrets are redacted on-device, what stays on your machine, and our server-side safety net.

Local-first redaction

Secrets are scrubbed locally on your machine before they ever leave your computer. Our servers perform validation checks purely as a fail-safe fallback.

Primary Defense

Local, open-source scrubbing

The gateway scans and redacts session files directly in memory on your local machine. It does not act as a network proxy and never intercepts your internet traffic. Secrets are fully stripped before records are buffered or uploaded.

Fallback Safety Net

Fail-safe server validation

If a user runs an outdated local gateway version that misses a newly added pattern, our servers run a duplicate check as a fallback. Any unredacted keys trigger client updates, and raw secrets are discarded immediately without being stored.

~/agent/session.loglive

1# agent session capture · on-device redaction

2Help me write a Python script to send Slack notifications when the nightly deploy finishes. The incoming webhook URL is https://hooks.slack.com/services/T08F2QK1A/B07RZ9X4C/Hk29fLmZ2qAo. Can you add a retry?

proxai-gatewaysecret detected

Live demo. Secrets are stripped on your machine before anything is uploaded.

What gets redacted

The gateway automatically intercepts and removes database connection strings, cloud credentials, and API tokens from session records. Select a category below to inspect the specific signatures we strip.

Read every rule on GitHub

What leaves your machine

Everything we upload, and why we need it.

Uploaded

Redacted session recordsThe agent conversations you turned on capture for, with all sensitive keys fully redacted locally before upload.
Capture metadataWhich agent produced each record and how far it got, so the dashboard can order your sessions.
Gateway and agent versionsSo we stay compatible as your tools update.
A hashed host identifierA one-way fingerprint of your machine, tied to your account. It confirms uploads really came from your gateway and blocks spoofed ones, without ever revealing your hardware ID.

Never

Unredacted secretsSecrets are redacted on-device prior to local buffering, guaranteeing raw credentials never touch our API servers.
Your raw hardware IDOnly the one-way hash leaves your machine. The original never does.
Files your agents did not writeThe gateway reads agent session files and nothing else on your disk.

Inspect it yourself

The buffer lives on your machine, so you can see exactly what was uploaded at any time. This command exports every record from the last 7 days in the local buffer, already redacted, directly into a JSON file on your desktop for easy viewing.

proxai-gateway logs -v --json --since 7d > ~/Desktop/records.json

Run proxai-gateway logs --help to see more options for filtering, formatting, and outputting your local audit logs.

Gateway data and privacy reference Privacy Policy

ProxDash

Community

Contribution Guidelines

About