SensitiveDataFilter

An AISpanProcessor that redacts sensitive information from span fields.

Constructor

new SensitiveDataFilter(options?: SensitiveDataFilterOptions)

SensitiveDataFilterOptions

interface SensitiveDataFilterOptions {
  /**
   * List of sensitive field names to redact.
   * Matching is case-insensitive and normalizes separators
   * (api-key, api_key, Api Key → apikey).
   * Defaults include: password, token, secret, key, apikey, auth,
   * authorization, bearer, bearertoken, jwt, credential,
   * clientsecret, privatekey, refresh, ssn.
   */
  sensitiveFields?: string[];

  /**
   * The token used for full redaction.
   * Default: "[REDACTED]"
   */
  redactionToken?: string;

  /**
   * Style of redaction to use:
   * - "full": always replace with redactionToken
   * - "partial": show 3 characters from the start and end, redact the middle
   * Default: "full"
   */
  redactionStyle?: RedactionStyle;
}

RedactionStyle

type RedactionStyle = "full" | "partial";

Methods

process

process(span: AnyAISpan): AnyAISpan

Process a span by filtering sensitive data across its key fields: attributes, metadata, input, output, and errorInfo.

Returns: A new span with sensitive values redacted.

shutdown

async shutdown(): Promise<void>

No cleanup needed for this processor.

Properties

readonly name = 'sensitive-data-filter';

Default Sensitive Fields

When no custom fields are provided:

[
  "password",
  "token",
  "secret",
  "key",
  "apikey",
  "auth",
  "authorization",
  "bearer",
  "bearertoken",
  "jwt",
  "credential",
  "clientsecret",
  "privatekey",
  "refresh",
  "ssn",
];

Processing Behavior

Field Matching

Case-insensitive: APIKey, apikey, ApiKey all match
Separator-agnostic: api-key, api_key, apiKey are treated identically
Exact matching: After normalization, fields must match exactly
- token matches token, Token, TOKEN
- token does NOT match promptTokens or tokenCount

Redaction Styles

Full Redaction (default)

All matched values replaced with redactionToken.

Partial Redaction

Shows first 3 and last 3 characters
Values ≤ 6 characters are fully redacted
Non-string values are converted to strings before partial redaction

Error Handling

If filtering a field fails, the field is replaced with:

{
  error: {
    processor: "sensitive-data-filter";
  }
}

Processed Fields

The filter recursively processes:

span.attributes - Span metadata and properties
span.metadata - Custom metadata
span.input - Input data
span.output - Output data
span.errorInfo - Error information

Handles nested objects, arrays, and circular references safely.

Constructor​

SensitiveDataFilterOptions​

RedactionStyle​

Methods​

process​

shutdown​

Properties​

Default Sensitive Fields​

Processing Behavior​

Field Matching​

Redaction Styles​

Full Redaction (default)​

Partial Redaction​

Error Handling​

Processed Fields​