APEX/BrowserUse_and_ComputerUse_skills
5
0
Fork 0
Code Issues 6 Pull requests 1 Projects 1 Releases Packages Wiki Activity Actions

feat(privacy): redact PII from LLM context when privacy.redact_pii is enabled

Browse source 
Add privacy.redact_pii config option (boolean, default false). When
enabled, the gateway redacts personally identifiable information from
the system prompt before sending it to the LLM provider:

- Phone numbers (user IDs on WhatsApp/Signal) → hashed to user_<sha256>
- User IDs → hashed to user_<sha256>
- Chat IDs → numeric portion hashed, platform prefix preserved
- Home channel IDs → hashed
- Names/usernames → NOT affected (user-chosen, publicly visible)

Hashes are deterministic (same user → same hash) so the model can
still distinguish users in group chats. Routing and delivery use
the original values internally — redaction only affects LLM context.

Inspired by OpenClaw PR #47959.
This commit is contained in:
teknium1 2026-03-16 05:48:45 -07:00
parent 7d2c786acc
commit c51e7b4af7
6 changed files with 252 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
hermes_cli/config.py
View file

@ -207,6 +207,11 @@ DEFAULT_CONFIG = {
"show_reasoning": False,
"skin": "default",
},
# Privacy settings
"privacy": {
"redact_pii": False, # When True, hash user IDs and strip phone numbers from LLM context
},
# Text-to-speech configuration
"tts": {