Puntego is designed to avoid sending raw sensitive strings upstream wherever it can.

What gets redacted

  • Email addresses
  • Phone numbers
  • Credit card numbers that pass Luhn validation
  • Social security numbers
  • IBANs
  • URLs with embedded credentials

How redaction works

  • Sensitive text is replaced with stable content-addressed placeholder tokens before model calls and guardrail calls.
  • Telemetry payloads are scrubbed before Sentry-style envelopes are emitted, and emitted Sentry events stay tenant-isolated.
  • Cloudflare AI Gateway logs, Langfuse traces, and eval traces omit raw request and response bodies.
  • Promptfoo/eval artifacts keep only redacted model inputs, hashed tenant identifiers, and the minimum metadata needed for judge analysis.
  • The worker resolves a consent directive at /boot before chat begins.
  • GPC opt-out is honored independently of region.
  • Missing cf.country falls back to the strictest mode instead of the loosest.
  • Tenant isolation is enforced in the worker before any model, logging, or eval surface sees the request payload.
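
The Luhn-gated card rule under "What gets redacted" and the stable content-addressed placeholders under "How redaction works", sketched in JavaScript as an added example (not Puntego's own code). The token format, the per-tenant HMAC key, the regular expressions and the function names are assumptions made for illustration.

```javascript
// Added example, not Puntego's code. Token format and key handling are assumptions.
const { createHmac } = require('node:crypto');

// Luhn check: double every second digit counting from the right, sum, test mod 10.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return digits.length >= 13 && digits.length <= 19 && sum % 10 === 0;
}

// Keyed hash of the normalized value: same value + same tenant key -> same token.
// HMAC rather than a bare hash, so low-entropy values (cards, phone numbers)
// cannot be recovered by hashing candidate values without the key, and tokens
// from different tenants cannot be correlated.
function placeholder(kind, normalized, tenantKey) {
  const tag = createHmac('sha256', tenantKey).update(`${kind}:${normalized}`).digest('hex');
  return `[${kind}_${tag.slice(0, 12)}]`;
}

const EMAIL = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;
const CARD_CANDIDATE = /\b\d(?:[ -]?\d){12,18}\b/g; // 13 to 19 digits, optional separators

function redact(text, tenantKey) {
  return text
    .replace(EMAIL, (m) => placeholder('EMAIL', m.toLowerCase(), tenantKey))
    .replace(CARD_CANDIDATE, (m) => {
      const digits = m.replace(/[ -]/g, '');
      // Digit runs that fail Luhn (order ids, timestamps) are left untouched.
      return luhnValid(digits) ? placeholder('CARD', digits, tenantKey) : m;
    });
}

// Constructed sample input; 4111 1111 1111 1111 is a well-known test card number.
const sample = 'Mail Bob@Example.com, card 4111 1111 1111 1111, order 1234567890123456';
console.log(redact(sample, 'tenant-a-demo-key'));
```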