Redaction, live

Nothing Sensitive Ever Leaves.

See what NexusNest catches across every category of sensitive data. Real prompts, real redaction, before anything reaches the AI provider.

Try It Yourself

Type or paste any text below and see what NexusNest would redact. Runs in your browser - nothing is sent anywhere.

7 detections:
Credentials (3)Internal Docs (1)Personal Info (3)
Employee types this prompt
Help me debug this API call. Here's my setup:

API Key: sk-proj-abc123def456ghi789jkl012mno345pqr678
Endpoint: https://10.0.4.55:8080/api/v1/users
Auth: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.abc123

The user john.doe@acme.com (phone: +1-555-123-4567)
reported the issue. Their SSN is 123-45-6789.

password=xK9#mP2$vL5nQ8
AI tool receives this
Help me debug this API call. Here's my setup:

API Key: [REDACTED_CREDENTIALS_3]
Endpoint: https://[REDACTED_INTERNAL_DOCS_1]:8080/api/v1/users
Auth: [REDACTED_CREDENTIALS_2]

The user [REDACTED_PERSONAL_INFO_3] (phone: [REDACTED_PERSONAL_INFO_2])
reported the issue. Their SSN is [REDACTED_PERSONAL_INFO_1].

[REDACTED_CREDENTIALS_1]

Detected Items

OpenAI Key
sk-proj-abc123def456ghi789jkl012mno34...
Internal IP (10.x)
10.0.4.55
Bearer Token
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6Ik...
Email
john.doe@acme.com
US Phone
+1-555-123-4567
SSN
123-45-6789
Password
password=xK9#mP2$vL5nQ8

This demo runs entirely in your browser using our Stage 1 regex engine. No data is sent anywhere. The full product adds Stage 2 (custom policies) and Stage 3 (proprietary contextual detection).

What We Catch

Every major sensitive-data category, plus your own rules for industry-specific terms and internal codenames.

Personal Information

john.smith@acme.com
redacted
[REDACTED_PERSONAL_INFO_1]
+1 (555) 123-4567
redacted
[REDACTED_PERSONAL_INFO_2]
SSN: 123-45-6789
redacted
SSN: [REDACTED_PERSONAL_INFO_3]

Financial Data

Card: 4532-1234-5678-9012
redacted
Card: [REDACTED_FINANCIAL_DATA_1]
Account: 12345678 Routing: 021000021
redacted
Account: [REDACTED_FINANCIAL_DATA_2] Routing: [REDACTED_FINANCIAL_DATA_3]

Health Data

Patient ID: MRN-2024-45892
redacted
Patient ID: [REDACTED_HEALTH_DATA_1]
HRN: H-789456
redacted
HRN: [REDACTED_HEALTH_DATA_1]

Credentials & Secrets

sk-proj-abc123def456ghi789jkl012mno345
redacted
[REDACTED_CREDENTIALS_1]
ghp_1234567890abcdefghijklmnopqrstuvwxyz12
redacted
[REDACTED_CREDENTIALS_2]
AKIAIOSFODNN7EXAMPLE
redacted
[REDACTED_CREDENTIALS_3]
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6...
redacted
[REDACTED_CREDENTIALS_4]
password=SuperSecret123!
redacted
[REDACTED_CREDENTIALS_5]

Source Code & Keys

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA...
-----END RSA PRIVATE KEY-----
redacted
[REDACTED_SOURCE_CODE_1]
postgres://admin:P@ssw0rd@prod-db.acme.com:5432/customers
redacted
[REDACTED_CREDENTIALS_6]

Internal Infrastructure

Server at 10.0.4.55 port 3306
redacted
Server at [REDACTED_INTERNAL_DOCS_1] port 3306
VPN: 192.168.1.100
redacted
VPN: [REDACTED_INTERNAL_DOCS_2]

Real-World Scenarios

These are actual prompts employees send to AI tools every day. See what PromptWall catches - and what the AI tool actually receives.

Developer asking ChatGPT for help

Software Engineer using ChatGPT

4 fields redactedcredentialspersonal infointernal docs
What the employee typed
I'm getting a connection error. Here's my config:

DB_HOST=prod-db-master.acme.internal
DB_USER=admin
DB_PASS=xK9#mP2$vL5nQ8
DB_NAME=customers

The error happens when user john.doe@acme.com tries to log in.
My API key is sk-proj-abc123def456ghi789jkl012mno345pqr678.
What the AI tool receives
I'm getting a connection error. Here's my config:

DB_HOST=prod-db-master.acme.internal
DB_USER=admin
DB_PASS=xK9#mP2$vL5nQ8
DB_NAME=customers

The error happens when user john.doe@acme.com tries to log in.
My API key is sk-proj-abc123def456ghi789jkl012mno345pqr678.

HR manager using Claude for a letter

HR Manager using Claude

2 fields redactedpersonal info
What the employee typed
Draft an offer letter for:
Name: Priya Sharma
Email: priya.sharma@gmail.com
Phone: +91 98765 43210
Position: Senior Engineer
Salary: 28,00,000 per annum
SSN equivalent: ABCDE1234F (PAN)
Starting: March 15, 2025
What the AI tool receives
Draft an offer letter for:
Name: Priya Sharma
Email: priya.sharma@gmail.com
Phone: +91 98765 43210
Position: Senior Engineer
Salary: 28,00,000 per annum
SSN equivalent: ABCDE1234F (PAN)
Starting: March 15, 2025

DevOps engineer debugging with Cursor

DevOps Engineer using Cursor

3 fields redactedcredentialsinternal docs
What the employee typed
This Terraform isn't working. Here's the relevant config:

provider "aws" {
  access_key = "AKIAIOSFODNN7EXAMPLE"
  secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
  region     = "ap-south-1"
}

resource "aws_instance" "prod" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t3.large"
  private_ip    = "10.0.1.42"
}
What the AI tool receives
This Terraform isn't working. Here's the relevant config:

provider "aws" {
  access_key = "AKIAIOSFODNN7EXAMPLE"
  secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
  region     = "ap-south-1"
}

resource "aws_instance" "prod" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t3.large"
  private_ip    = "10.0.1.42"
}

Finance team querying Gemini

Finance Analyst using Gemini

4 fields redactedpersonal infofinancial data
What the employee typed
Analyze this customer refund:
Customer: Sarah Johnson, sarah.j@bigclient.com
Card ending 4532-8901-2345-6789 was charged $4,500
Account routing: 021000021, Account: 1234567890
Refund reason: duplicate charge on invoice INV-2025-0892
What the AI tool receives
Analyze this customer refund:
Customer: Sarah Johnson, sarah.j@bigclient.com
Card ending 4532-8901-2345-6789 was charged $4,500
Account routing: 021000021, Account: 1234567890
Refund reason: duplicate charge on invoice INV-2025-0892
Zero
original data stored

Redacted in-flight and never stored on our servers. We can't reconstruct it.

10 min
to protected

Single-agent install. No SASE, no policy workshop.

Every
major AI tool covered

ChatGPT, Claude, Copilot, Gemini, Cursor, Perplexity, Grok + any HTTPS AI.

Zero Original Data Stored

Redaction is one-way. Original sensitive values are replaced in-flight and never stored on our servers.
No token maps or reverse-mapping capability exists. Even we cannot reconstruct the original data.
Audit logs store the redacted version only - what was detected, which categories, when. Not the original content.
Non-AI network logs contain metadata only - URL, domain, method, status, timing. No request or response bodies.
DPDP Act-aligned by design. Even if our database were breached, there is no sensitive prompt content to leak - originals are redacted in-flight and never stored; only the redacted version is persisted.
Start Free Trial