Developer Overview

PII Firewall is a privacy-first toolkit that protects personal data before it reaches AI or the cloud.
It offers three integration paths — REST API, Node.js SDK, and MCP Server — plus two advanced capabilities: Secure RAG and Composite Attack Detection. All processing can run locally with zero cloud data transmission.

Integration Options

Option	Best For
REST API	Any language, backend services, quick integration
SDK (Node.js)	Node.js / TypeScript projects
MCP Server	Claude Desktop, Cursor, AI agent pipelines
Secure RAG	Use internal documents in RAG without cloud exposure (manufacturing, healthcare, finance)
Composite Attack Detection	SQL + prompt injection compound defense

Key Capabilities

Capability	Description
PII Detection & Masking	Detect and reversibly tokenize 24 PII types (name, email, phone, national ID, etc.)
API Key Auto-Detection	Automatically mask API keys from 11 providers including Anthropic and OpenAI
Prompt Injection Detection	Detect 10 categories of prompt attack patterns
SQL Injection Detection	Detect SQL attacks embedded in AI inputs
Composite Attack Detection	Detect SQL + prompt attacks simultaneously in a single pipeline (`compositeRisk` flag)
Secure RAG	Full pipeline: PII tokenization → RAG ingestion → LLM response → PII restoration
Differential Privacy	Apply statistical privacy protection on top of masked data

Base URL

https://pii-firewallproxy-production.up.railway.app

Authentication

All Proxy API requests require an API key in the Authorization header:

http

Authorization: Bearer pf_live_xxx

Get your API key from the Developer Console after signing in.
→ Authentication details

MCP Server & SDK — no API key required

The MCP Server and SDK run @pii-firewall/core locally. No API key or internet connection is needed. An API key is only required when using the Proxy API for credit-based usage tracking.

Quick Example

bash

curl -X POST https://pii-firewallproxy-production.up.railway.app/detect \
  -H "Authorization: Bearer pf_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"text": "Contact Alice at alice@corp.com or +1-800-555-0100"}'

Response:

json

{
  "detections": [
    { "type": "NAME", "value": "Alice", "start": 8, "end": 13 },
    { "type": "EMAIL", "value": "alice@corp.com", "start": 17, "end": 31 },
    { "type": "PHONE", "value": "+1-800-555-0100", "start": 35, "end": 50 }
  ],
  "count": 3
}

Plans & API Call Limits

Plan	API calls / month
Free	300
Starter	10,000
Business	100,000
Enterprise	Unlimited

See Plans & Feature Limits for the full breakdown.

Developer Overview ​

Integration Options ​

Key Capabilities ​

Base URL ​

Authentication ​

Quick Example ​

Plans & API Call Limits ​