Metadata-Version: 2.4
Name: safegate
Version: 1.0.0
Summary: Self-hosted security layer for LLM applications — detect PII by format, substitute or mask, and audit every call.
Project-URL: Homepage, https://github.com/patonkikh/SafeGate
Project-URL: Documentation, https://github.com/patonkikh/SafeGate#readme
Project-URL: Repository, https://github.com/patonkikh/SafeGate
Project-URL: Issues, https://github.com/patonkikh/SafeGate/issues
Project-URL: Changelog, https://github.com/patonkikh/SafeGate/blob/main/CHANGELOG.md
Author: SafeGate Contributors
License: MIT
License-File: LICENSE
Keywords: ai,guardrails,llm,pii,security
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Requires-Python: >=3.10
Requires-Dist: pyyaml>=6.0
Provides-Extra: all
Requires-Dist: boto3>=1.28; extra == 'all'
Requires-Dist: build>=1.0; extra == 'all'
Requires-Dist: clickhouse-connect>=0.7; extra == 'all'
Requires-Dist: langchain-core>=0.2; extra == 'all'
Requires-Dist: openai>=1.0; extra == 'all'
Requires-Dist: pillow>=10.0; extra == 'all'
Requires-Dist: psycopg[binary]>=3.1; extra == 'all'
Requires-Dist: pymongo>=4.0; extra == 'all'
Requires-Dist: pymysql>=1.1; extra == 'all'
Requires-Dist: pytesseract>=0.3; extra == 'all'
Requires-Dist: pytest-cov>=5.0; extra == 'all'
Requires-Dist: pytest>=8.0; extra == 'all'
Requires-Dist: redis>=5.0; extra == 'all'
Requires-Dist: ruff>=0.4; extra == 'all'
Provides-Extra: clickhouse
Requires-Dist: clickhouse-connect>=0.7; extra == 'clickhouse'
Provides-Extra: dev
Requires-Dist: build>=1.0; extra == 'dev'
Requires-Dist: pytest-cov>=5.0; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: ruff>=0.4; extra == 'dev'
Provides-Extra: langchain
Requires-Dist: langchain-core>=0.2; extra == 'langchain'
Provides-Extra: mongodb
Requires-Dist: pymongo>=4.0; extra == 'mongodb'
Provides-Extra: mysql
Requires-Dist: pymysql>=1.1; extra == 'mysql'
Provides-Extra: ocr
Requires-Dist: pillow>=10.0; extra == 'ocr'
Requires-Dist: pytesseract>=0.3; extra == 'ocr'
Provides-Extra: openai
Requires-Dist: openai>=1.0; extra == 'openai'
Provides-Extra: postgres
Requires-Dist: psycopg[binary]>=3.1; extra == 'postgres'
Provides-Extra: redis
Requires-Dist: redis>=5.0; extra == 'redis'
Provides-Extra: s3
Requires-Dist: boto3>=1.28; extra == 's3'
Description-Content-Type: text/markdown

<div align="center">



**English** | [Русский](README.ru.md)



# SafeGate



**Self-hosted security layer for LLM applications**



Detect PII by **format**, not labels · **Substitute** (not only `***`) · RU + EN · Block leaks · Audit everything



[![Python 3.10+](https://img.shields.io/badge/python-3.10%2B-blue.svg)](https://www.python.org/downloads/)

[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)

[![Tests](https://img.shields.io/badge/tests-188%20passed-brightgreen.svg)](#development)

[![Version](https://img.shields.io/badge/version-1.0.0-orange.svg)](CHANGELOG.md)



[Quick start](#quick-start) · [Examples](#examples) · [Compare](#compare-with-alternatives) · [Benchmarks](docs/BENCHMARK.md) · [Community](docs/COMMUNITY.md)



<sub><code>pip install safegate</code> · <a href="docs/BRANDING.md">Branding & i18n</a></sub>



</div>



---



## What it does



SafeGate sits **between your app and the LLM**:



```
Your text  →  detect PII  →  apply policy  →  safe prompt  →  LLM  →  check response  →  safe output
```



- **Self-hosted** — no cloud lock-in for sensitive data
- **Substitution by default** — realistic fakes so the model keeps structure (emails, IDs, cards)
- **Format-based detection** — catches values without labels like `phone:` or `СНИЛС:`
- **RU + US + universal** — INN, SNILS, SSN, IBAN, addresses, cards, and 70+ entity types



---



## Live demo UI



<table>

<tr>

<td width="50%">



**Pipeline overview**



![SafeGate pipeline explorer](docs/images/demo-overview.png)



</td>

<td width="50%">



**Detections & substitution**



![SafeGate — detection and substitution](docs/images/demo-substitute.png)



</td>

</tr>

</table>



The **Pipeline Explorer** (local, optional) shows all 8 stages: detectors → policy → prompt guard → mock LLM → response guard.



| Mode | Behavior |
|------|----------|
| **Substitute** | Replace PII with dictionary fakes (LLM-friendly) |
| **Mask** | Replace with `***` |



```bash
python -m pip install -e .
cd local-demo && pip install -r requirements.txt && python app.py
# → http://127.0.0.1:8765
```



Regenerate README screenshots: `python scripts/generate_demo_screenshots.py`



---



## Quick start



### Install



```bash
pip install safegate
# or from source:
git clone https://github.com/safegate-ai/safegate.git && cd safegate
python -m pip install -e ".[dev]"
```



See [docs/INSTALL.md](docs/INSTALL.md) for installation details and the [Release guide](docs/RELEASE.md) for publishing to PyPI.



### Minimal example



```python
from safegate import SafeGate
from safegate.llm import MockLLM

guard = SafeGate(protection_mode="substitute")  # or "mask"

response = guard.chat(
    "Reach me at alice@company.com or +1 (415) 555-0100",
    MockLLM(),
)
print(response)
```



### Fluent API



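```python
from safegate import SafeGate
from safegate.llm import MockLLM

guard = SafeGate(protection_mode="substitute")

# Guard the prompt first, then inspect the mappings recorded for it
session = guard.protect_prompt("Card 4532 1987 4421 8426, exp 11/30")
print(session.prompt_mappings)
# Call the model, then run the response guard on its output
result = session.invoke(MockLLM()).protect_response()
```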



### Enterprise presets (optional)



```python
from safegate import SafeGate

guard = SafeGate(preset="health_hipaa", region="us")
```



---



## Examples



| Example | Use case |
|---------|----------|
| [chatbot_demo.py](examples/chatbot_demo.py) | Chatbot with PII substitution |
| [rag_demo.py](examples/rag_demo.py) | RAG context guard |
| [mcp_demo.py](examples/mcp_demo.py) | MCP tool filter |
| [gateway_client.py](examples/gateway_client.py) | REST AI gateway |
| [langchain_demo.py](examples/langchain_demo.py) | LangChain handler |



Full list: [examples/README.md](examples/README.md)



---



## How it works



```mermaid
flowchart LR
    A[Input text] --> B[Detectors]
    B --> C[Policy engine]
    C --> D{Action}
    D -->|substitute| E[Dictionary vault]
    D -->|mask| F[Asterisks]
    D -->|block| G[Stop]
    E --> H[LLM]
    F --> H
    H --> I[Response guard]
    I --> J[Output]
```



| Stage | Role |
|-------|------|
| **Detectors** | 70+ entity types — email, phone, INN/SNILS, SSN, IBAN, address, card, SWIFT, MAC/IP, names, … |
| **Policy** | substitute · mask · block · remove |
| **Prompt guard** | Before the LLM call |
| **Response guard** | Leak detection, detokenize, optional regenerate |
| **Audit** | JSONL, CEF / ECS / CSV export |
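
The substitute path from the diagram and table above, as an added sketch that is not SafeGate's own code or API: format plus checksum detection, a fake-to-original vault, and a response guard that masks values the session never issued before detokenizing. All function names (`luhn_ok`, `fake_card`, `guard_prompt`, `guard_response`) are hypothetical, the two regexes cover only emails and cards, and the sample values are constructed.

```python
import re

# Added illustration; names are hypothetical, not SafeGate's API.
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
CARD = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")  # 13-19 digits, optional separators

def luhn_ok(candidate: str) -> bool:
    """Checksum test that separates card numbers from other long digit runs."""
    digits = [int(c) for c in candidate if c.isdigit()]
    for i in range(len(digits) - 2, -1, -2):  # every second digit from the right
        digits[i] = digits[i] * 2 - 9 if digits[i] > 4 else digits[i] * 2
    return sum(digits) % 10 == 0

def fake_card(n: int) -> str:
    """Luhn-valid stand-in so the model still sees a well-formed card."""
    body = "400000" + f"{n:09d}"
    full = next(body + str(c) for c in range(10) if luhn_ok(body + str(c)))
    return " ".join(full[i:i + 4] for i in range(0, 16, 4))

def guard_prompt(text: str) -> tuple[str, dict[str, str]]:
    """Prompt guard: detect by format, substitute, remember fake -> original."""
    vault, seen = {}, {}  # seen: original -> fake, so repeats map consistently

    def swap(original: str, make_fake) -> str:
        if original not in seen:
            seen[original] = make_fake(len(seen) + 1)
            vault[seen[original]] = original
        return seen[original]

    text = EMAIL.sub(lambda m: swap(m.group(0), lambda n: f"user{n}@example.com"), text)
    text = CARD.sub(lambda m: swap(m.group(0), fake_card) if luhn_ok(m.group(0)) else m.group(0), text)
    return text, vault

def guard_response(response: str, vault: dict[str, str]) -> str:
    """Response guard: mask PII the session never issued, then detokenize."""
    def keep_or_mask(m: re.Match) -> str:
        value = m.group(0)
        is_pii = "@" in value or luhn_ok(value)
        return "***" if is_pii and value not in vault else value

    response = CARD.sub(keep_or_mask, EMAIL.sub(keep_or_mask, response))
    for fake, original in vault.items():
        response = response.replace(fake, original)
    return response

if __name__ == "__main__":
    safe, vault = guard_prompt("Refund alice@company.com, card 4111 1111 1111 1111")  # constructed
    print(safe)
    print(guard_response(f"Receipt sent to {next(iter(vault))}, cc bob@other.org", vault))
```

A 16-digit run that fails the Luhn check (an order number, for instance) passes through unchanged, which is the false-positive control that format-only matching lacks.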



---



## Compare with alternatives



| | DIY regex | Presidio | LLM Guard | **SafeGate** |
|---|:---:|:---:|:---:|:---:|
| Self-hosted | ✅ | ✅ | ✅ | ✅ |
| LLM session API | DIY | DIY | Partial | ✅ |
| Substitution (not only `***`) | ❌ | Partial | ❌ | ✅ |
| RU + US regional IDs | Manual | Custom | Limited | ✅ |
| Response leak + retry | ❌ | Manual | ✅ | ✅ |
| YAML policies + simulator | ❌ | ❌ | ❌ | ✅ |
| Multi-tenant gateway + SIEM | ❌ | ❌ | ❌ | ✅ |



Full comparison: [docs/COMPARISON.md](docs/COMPARISON.md) · Benchmarks: [docs/BENCHMARK.md](docs/BENCHMARK.md)



---



## Industry packs



`bank_ru` · `health_hipaa` · `gov_fz152` · `retail_eu` · `fintech_us` · `insurance_us` · `saas_global` · `telecom_eu` · `education_us` · `energy_eu` · `legal_eu` · `logistics_eu`



```bash
safegate policy catalog --format markdown
```



[Entity catalog](docs/SENSITIVE_ATTRIBUTES.md)



---



## Development



```bash
python -m pip install -e ".[dev]"
pytest -v
python scripts/benchmark.py
```



[CONTRIBUTING.md](CONTRIBUTING.md) · [Good first issues](.github/GOOD_FIRST_ISSUES.md) · [SECURITY.md](SECURITY.md) · [Community](docs/COMMUNITY.md)



---



## License



[MIT](LICENSE)



---



<div align="center">



**LLM power without leaking PII.**



</div>

