pii-redaction-logging-policy-builder
PII Redaction & Logging Policy Builder
Protect user privacy in application logs.
PII Redaction
const PII_PATTERNS = {
email: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g,
ssn: /\b\d{3}-\d{2}-\d{4}\b/g,
phone: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g,
creditCard: /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/g,
};
function redactPII(message: string): string {
let redacted = message;
Object.entries(PII_PATTERNS).forEach(([type, pattern]) => {
redacted = redacted.replace(pattern, `[REDACTED_${type.toUpperCase()}]`);
});
return redacted;
}
// Safe logging
logger.info(redactPII(\`User registered: \${email}\`));
// Output: "User registered: [REDACTED_EMAIL]"
Logging Policy
# Logging Policy
## ✅ DO Log
- Request IDs
- User IDs (hashed)
- HTTP status codes
- Response times
- Error types
- Feature flags
## ❌ DON'T Log
- Passwords
- Credit card numbers
- SSNs
- API keys
- Full emails (hash first)
- Full names
- Addresses
Output Checklist
- Redaction rules defined
- Logging policy documented
- Safe logger wrapper
- Team trained
- Log monitoring ENDFILE
More from monkey1sai/openai-cli
multi-tenant-safety-checker
Ensures tenant isolation at query and policy level using Row Level Security, automated testing, and security audits. Prevents data leakage between tenants. Use for "multi-tenancy", "tenant isolation", "RLS", or "data security".
10modal-drawer-system
Implements accessible modals and drawers with focus trap, ESC to close, scroll lock, portal rendering, and ARIA attributes. Includes sample implementations for common use cases like edit forms, confirmations, and detail views. Use when building "modals", "dialogs", "drawers", "sidebars", or "overlays".
10eslint-prettier-config
Configures ESLint and Prettier for consistent code quality with TypeScript, React, and modern best practices. Use when users request "ESLint setup", "Prettier config", "linting configuration", "code formatting", or "lint rules".
9api-security-hardener
Hardens API security with rate limiting, input validation, authentication, and protection against common attacks. Use when users request "API security", "secure API", "rate limiting", "input validation", or "API protection".
9secure-headers-csp-builder
Implements security headers and Content Security Policy with safe rollout strategy (report-only → enforce), testing, and compatibility checks. Use for "security headers", "CSP", "HTTP headers", or "XSS protection".
9security-incident-playbook-generator
Creates response procedures for security incidents with containment steps, communication templates, and evidence collection. Use for "incident response", "security playbook", "breach response", or "IR plan".
9