Product
Introducing Repository Access Permissions and Custom Roles
Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.
By Joe Werle - Jun 19, 2026
🚀 Socket Launch Week Day 4:Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection.Learn more →
@spences10/pi-redact
Advanced tools
@spences10/pi-redact
Pi extension that redacts secrets from tool output before the model sees them
@spences10/pi-redact
Pi extension that redacts likely secrets from tool output before the model sees them.
Maintained in the my-pi Vite+ workspace and tested with Vitest.
Installation
pi install npm:@spences10/pi-redact
Local development from this monorepo:
pnpm --filter @spences10/pi-redact run build
pi install ./packages/pi-redact
# or for one run only
pi -e ./packages/pi-redact
What it does
@spences10/pi-redact listens for Pi tool_result events and
rewrites text content before it is added to model context. It is
intended as a last-mile safety net for accidental secrets in command
output, file reads, logs, and config files.
It currently detects and redacts:
- API-key-like fields such as
password,secret,token, andapi_key - GitHub classic and fine-grained tokens
- Tavily, Kagi, Brave, and Firecrawl API keys
- connection strings with embedded credentials
- SSH config metadata such as
Host,HostName,User,IdentityFile,ProxyJump, and forwarding directives
Redactions preserve a short prefix where helpful and append a marker
such as [REDACTED:GitHub Token].
Commands
/redact-stats
Shows how many values were redacted in the current Pi session.
/redact-stats
Example
If a tool returns:
GITHUB_TOKEN=ghp_abcdefghijklmnopqrstuvwxyz1234567890
The model receives something like:
GITH********************[REDACTED:GitHub Token]
Using from a custom harness
import redact from '@spences10/pi-redact';
// pass `redact` as an ExtensionFactory to your Pi runtime
my-pi imports this package directly and enables it as the built-in
filter-output extension.
Limitations
This extension is defensive, not a guarantee. It can miss novel secret formats, and broad patterns can occasionally redact benign values. Use proper secret hygiene as the primary control:
- do not print secrets unnecessarily
- avoid reading
.envfiles into model context - prefer scoped, revocable tokens
- rotate anything that may have been exposed
Development
pnpm --filter @spences10/pi-redact run check
pnpm --filter @spences10/pi-redact run test
pnpm --filter @spences10/pi-redact run build
License
MIT
Keywords
FAQs
Tool-output redaction for Pi that replaces likely secrets before they reach the model context
The npm package @spences10/pi-redact receives a total of 186 weekly downloads. As such, @spences10/pi-redact popularity was classified as not popular.
We found that @spences10/pi-redact demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 16 May 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection
Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.
By John Tuckner - Jun 18, 2026
Product
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions
Socket Firewall blocks malicious VS Code and Open VSX extensions before install, protecting developers from compromised editor marketplaces.
By John Tuckner - Jun 17, 2026