	In Browser
	StumbleUpon
	del.icio.us
	Google
	Google Buzz
	reddit
	LinkedIn

	Facebook
	Twitter
	Linkedin
	E-Mail

Generative AI > AI Security > Secrets Detection in LLM Inputs with Python

Secrets Detection in LLM Inputs with Python

Author: Venkata Sudhakar

ShopMax India's LLM-powered support chatbot accepts free-text input from thousands of users daily. Users sometimes paste sensitive data into chat windows - API keys, credit card numbers, Aadhaar numbers, or internal order tokens. Sending this data to a third-party LLM API violates data protection obligations and exposes users to risk. A secrets detection layer scans every input before it reaches the LLM and redacts sensitive patterns automatically.

The detection layer uses regex patterns matched against known secret formats: API key prefixes, credit card patterns, Indian mobile numbers, PAN card formats, and Aadhaar patterns. When a match is found, the input is redacted with a placeholder before being passed to the LLM so the conversation can continue without the sensitive data. All redaction events are logged with the secret type and session ID for compliance reporting.

The example below shows a secrets scanner for ShopMax India that detects and redacts common Indian and global secret patterns before sending user input to the LLM.

import re
import openai
import os

client = openai.OpenAI(api_key=os.environ.get("OPENAI_API_KEY", ""))

SECRET_PATTERNS = {
    "api_key_openai": r"sk-[A-Za-z0-9]{32,}",
    "credit_card":    r"\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13})\b",
    "aadhaar":        r"\b[2-9]{1}[0-9]{3}\s?[0-9]{4}\s?[0-9]{4}\b",
    "pan_card":       r"\b[A-Z]{5}[0-9]{4}[A-Z]{1}\b",
    "indian_mobile":  r"\b(?:\+91|91)?[6-9][0-9]{9}\b",
    "aws_key":        r"AKIA[0-9A-Z]{16}"
}

def scan_and_redact(text):
    findings = []
    redacted = text
    for secret_type, pattern in SECRET_PATTERNS.items():
        matches = re.findall(pattern, redacted)
        if matches:
            findings.append((secret_type, len(matches)))
            placeholder = "[REDACTED-" + secret_type.upper() + "]"
            redacted = re.sub(pattern, placeholder, redacted)
    return redacted, findings

def safe_llm_call(user_input):
    redacted_input, findings = scan_and_redact(user_input)
    if findings:
        print(f"WARNING: Redacted {findings} from user input")
    resp = client.chat.completions.create(
        model="gpt-4o",
        messages=[
            {"role": "system", "content": "You are a ShopMax India support agent."},
            {"role": "user", "content": redacted_input}
        ]
    )
    return resp.choices[0].message.content, findings

user_msg = "My order ORD-9821 is delayed. My mobile is 9876543210 and Aadhaar 2345 6789 0123. Help!"
response, findings = safe_llm_call(user_msg)
print(f"Response: {response}")

It gives the following output,

WARNING: Redacted [('aadhaar', 1), ('indian_mobile', 1)] from user input
Response: I can see your order ORD-9821 is delayed. Your personal details have
been removed for security. Please check your registered email for tracking
updates or contact support at [email protected] with your order ID.

Log all redaction events with the secret type and session ID but never log the actual secret value. Extend the pattern list regularly as new API key formats are released by cloud providers. For credit card numbers, apply the Luhn algorithm in addition to regex to reduce false positives. In high-volume deployments, consider using an open-source library such as Microsoft Presidio for a comprehensive PII detection suite that covers dozens of entity types out of the box.

Send your comments, suggestions or queries regarding this site to [email protected].