
Sanitize sensitive data
before provider execution.

PriviShield is Aera’s sensitive-data sanitization layer for AI routes. Where enabled, it sits in the trusted route path to detect common PII, secrets, credential-like material, and unsafe disclosure patterns, then redact, mask, strip, block, or route sensitive cases for consent before provider execution continues.

Sanitize the payload. Preserve the route.

§ 01 Exposure risk

Provider-bound prompts carry risk.
PriviShield sanitizes the path.

AI routes can carry customer data, credentials, private documents, tool output, retrieved context, and prompt-injection payloads toward a provider call. PriviShield is designed to reduce that exposure before execution continues by detecting sensitive material and applying the configured route action.

PII exposure

Customer data can travel with the prompt.

Names, emails, phone numbers, payment-like values, and account references can be pulled into context. PriviShield can detect common patterns and redact or route them before provider execution where enabled.

Secret exposure

Credentials can appear outside Vault.

API keys, bearer tokens, credential URLs, private key blocks, and password-like values can leak through tools, logs, retrieval, or pasted context. PriviShield can strip or block high-risk secret exposure in supported paths.

Hidden payloads

Unsafe instructions can hide inside context.

Prompt-injection markers, encoded content, hidden channels, and social-engineering language can change what an agent tries to send or do. PriviShield can flag unsafe disclosure signals before the route continues.

§ 02 Detect and transform

Detect the sensitive span.
Transform what continues.

PriviShield is grounded in Aera’s privacy screening package. In supported paths, it can classify common sensitive-data patterns, secret-like material, credential-looking strings, and unsafe prompt signals, then turn those findings into redaction, masking, stripping, blocking, consent, or audit metadata.

PII

Personal identifiers

Detects common patterns such as email addresses, phone numbers, IP addresses, SSN-style identifiers, and credit-card-like values, then supports redaction or masking where configured.

Secrets

Credential-like material

Detects API keys, bearer tokens, private key blocks, credential URLs, password-like values, and high-entropy secret-like strings so the route can strip, block, or require approval.

Prompt risk

Unsafe disclosure signals

Detects prompt-injection indicators, hidden-channel patterns, social-engineering language, and encoded or obfuscated sensitive payloads in supported forms before continuation.

Context

Tool and route payloads

Sensitive content can arrive from user input, tools, workflows, or retrieved context. PriviShield is designed to sanitize the route payload before provider execution where enabled.

Boundary

Common patterns, not universal data loss prevention

PriviShield covers common PII and secret patterns. It does not claim exhaustive detection of every identity, health, tax, document, or credential format.

Route state

Findings become action state

A finding can become a route action: redact, mask, strip, block, consent, audit metadata, or sanitized hash in supported paths.

§ 03 Route placement

Sanitize before the provider call.
Only safe route material continues.

PriviShield belongs inside the trusted route path, not beside it as an after-the-fact report. Where wired into the Gateway or router path, it can inspect outbound AI traffic, apply the configured privacy action inline, and let only sanitized or approved material continue toward provider execution.

01 Context
User, tool, or retrieval input

The route receives prompt text, workflow state, tool output, or retrieved context.

02 Detect
PriviShield scan

Sensitive-data, secret, and unsafe-disclosure signals are identified inside the route path where enabled.

03 Sanitize
Route action

The route applies the configured action inline: redact, mask, strip, block, or require consent.

04 Control
Sentinel decision

Sentinel can compose privacy signals with policy and runtime risk where integrated.

05 Continue
Sanitized route or stop path

Sanitized traffic continues, or the request is blocked, reviewed, or routed for consent.

Inline route action, not after-the-fact notification.

§ 04 Decision model

Every finding becomes
a route action.

PriviShield should not treat every privacy signal as a hard stop. The guard model can support different outcomes depending on the data class, policy state, context, and configured risk tolerance: allow with metadata, redact, strip, block, or route for consent.

Allow

Continue with metadata

Low-risk content can continue while preserving privacy state for audit or downstream policy evaluation.

Redact

Sanitize sensitive spans

Detected values can be masked, stripped, or substituted before the route continues toward the provider.

Block

Stop high-risk egress

High-risk secrets, credential material, or unsafe disclosure patterns can stop the request before provider execution.

Consent

Route for approval

Sensitive cases can be routed to consent or approval flows where configured instead of silently continuing.

§ 05 Gateway, Vault, and Sentinel integration

Sanitization belongs
inside the operating path.

PriviShield is strongest when it is part of the same operating route as provider access, credential custody, and runtime control. It sanitizes exposure in the flow before execution continues. Gateway routes the traffic. Vault protects access objects. Sentinel controls continuation.

PriviShield + Gateway

Apply privacy actions in the Gateway route.

Gateway can hand route traffic through PriviShield so sensitive-data findings become inline route actions and route evidence where integrated.

PriviShield + Vault

Catch exposed secrets outside custody.

Vault protects credentials and execution rights. PriviShield complements Vault by detecting and sanitizing secret-like material when it appears in prompts, payloads, tools, or route traffic.

PriviShield + Sentinel

Compose privacy with control.

PriviShield can provide sensitive-data signals inside the route-control path while Sentinel evaluates policy, pathway risk, and continuation decisions where the security pipeline is enabled.

§ 06 Return path and tool-output boundaries

Make every screening surface
explicit, not assumed.

PriviShield’s strongest current public claim is provider-bound sanitization inside the trusted route path where enabled. Return-path, tool-output, and memory/RAG handling should be described by the exact surface that is wired: PriviShield sanitization, Sentinel response scanning, or post-release platform scope.

Provider-bound request: strongest current claim

sanitize provider-bound traffic inside the trusted route path where enabled

Provider response: qualify

pair with Sentinel response scanning where integrated

Tool output: qualify

sanitize tool or workflow payloads where wired into the route path

Memory / RAG: defer

memory and managed RAG protection remain post-release platform scope

§ 07 Evidence and custody

Prove what was sanitized.
Do not preserve the exposure.

Privacy evidence should explain what was detected and what action was taken without turning sensitive data into the audit artifact. In supported paths, PriviShield actions can produce redaction metadata, sanitized hashes, block reasons, consent state, and audit records from the same route flow without displaying raw sensitive values.

The evidence boundary matters. A privacy system that records the raw value it removed can recreate the exposure it was supposed to prevent. PriviShield evidence should prove the route action while keeping sensitive values masked, hashed, or referenced rather than displayed.

PriviShield route record
illustration only

Detection
surface: provider_bound_request
finding: pii.email
secret_like: true
encoded_signal: false

Action
decision: redact
redaction_count: 3
consent_required: false
route_continues: true

Evidence
sanitized_hash: sha256:9d••••41
raw_value_stored: false
audit_ref: privishield.demo.014

Control
gateway_route: route.model.ops
sentinel_state: evaluated
vault_release: none

Illustration only. Shows sanitization metadata and route evidence. Raw sensitive values are not shown or implied.
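
The evidence boundary in § 07 can be made concrete with a short sketch. This is an added example, not PriviShield code: the patterns, the block policy, and the `sanitize` function are assumptions, and the record field names simply mirror the illustrative route record above. It uses a keyed HMAC for the evidence hash, a choice made here rather than something the page specifies.

```python
import hashlib
import hmac
import json
import re

# Constructed patterns for three classes the page names; not PriviShield's rule set.
PATTERNS = {
    "pii.email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "secret.bearer_token": re.compile(r"Bearer\s+[A-Za-z0-9._~+/-]{20,}=*"),
    "secret.private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
BLOCK_CLASSES = {"secret.private_key"}  # assumed policy: never forward key material

def sanitize(payload: str, evidence_key: bytes):
    """Return (payload_to_forward_or_None, route_record)."""
    findings = []

    def replace(cls):
        def _sub(match):
            # Keyed HMAC, not a bare SHA-256: emails and phone numbers are
            # guessable, so an unkeyed hash in the audit log can be reversed
            # by hashing candidate values.
            tag = hmac.new(evidence_key, match.group().encode(), hashlib.sha256)
            findings.append({"finding": cls, "sanitized_hash": "hmac-sha256:" + tag.hexdigest()})
            return f"[REDACTED:{cls}]"
        return _sub

    sanitized = payload
    for cls, pattern in PATTERNS.items():
        sanitized = pattern.sub(replace(cls), sanitized)

    blocked = any(f["finding"] in BLOCK_CLASSES for f in findings)
    decision = "block" if blocked else ("redact" if findings else "allow")
    record = {
        "surface": "provider_bound_request",
        "decision": decision,
        "redaction_count": len(findings),
        "route_continues": not blocked,
        "raw_value_stored": False,
        "findings": findings,
    }
    return (None if blocked else sanitized), record

if __name__ == "__main__":
    # Constructed sample prompt; the address and token are made up.
    prompt = "Email jane.doe@example.com, auth: Bearer abcdefghijklmnopqrstuvwxyz012345"
    out, rec = sanitize(prompt, b"constructed-demo-key")
    print(out, json.dumps(rec, indent=2), sep="\n")
```

The same value hashed under the same key yields the same tag, so audit records can be correlated without the raw value ever being written; rotating or destroying the key severs that link.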

Keep unsafe payloads out of provider execution.

PriviShield is built for AI routes where prompts, tools, workflows, and retrieved context can carry sensitive data toward provider execution. Detect the exposure, sanitize the payload inside the trusted route path, and let Sentinel control what continues.