Skip to content

Credentials Scanner (DLP)

The Credentials Scanner is a specialized Data Loss Prevention (DLP) node that specifically targets secrets like API keys, SSH keys, and database passwords to prevent accidental exposure to external AI models.

Use Case

  • Secret Protection: Safeguard your organization's infrastructure by ensuring developers don't accidentally paste cloud credentials or API keys into AI prompts.
  • Compliance: Enforce SOC2 and HIPAA requirements regarding secret management.

Implementation

This auditor uses high-entropy regex patterns to detect various types of secrets in the Request phase. It produces claims about detected secrets -- the Gateway's Cedar policy decides the enforcement action.

import re
from lucid_auditor_sdk import ClaimsAuditor, claims, Phase, serve

SECRET_PATTERNS = {
    "AWS Key": re.compile(r'AKIA[0-9A-Z]{16}'),
    "Slack Token": re.compile(r'xox[bpgr]-[0-9]{12}-[0-9]{12}-[a-zA-Z0-9]{24}'),
    "Generic Secret": re.compile(r'(?i)password|secret|key\s*[:=]\s*[a-zA-Z0-9\-_]{20,}')
}

class CredentialScanner(ClaimsAuditor):
    auditor_id = "secret-shield"
    version = "0.1.0"

    @claims(phase=Phase.REQUEST)
    async def scan_secrets(self, request):
        prompt = request.get("prompt", "")
        detected = []

        for name, pattern in SECRET_PATTERNS.items():
            if pattern.search(prompt):
                detected.append(name)

        return {
            "secret_detected": len(detected) > 0,
            "secret_type": detected[0] if detected else None,
            "secret_count": len(detected),
        }

serve(CredentialScanner())

Cedar Policy

The Gateway evaluates credential claims against a Cedar policy:

// Block any request containing detected secrets
@annotation("decision", "deny")
forbid (principal, action, resource)
when { context.claims.secret_detected };

Deployment Configuration

chain:
  - name: secret-shield
    image: "lucid/credentials-scanner:v1"
    port: 8087

Behavior

  • Request: A user sends "Here is my cloud config: AWS_KEY=AKIA...".
  • Claims produced: secret_detected = true, secret_type = "AWS Key".
  • Cedar evaluation: The forbid policy matches -- decision is DENY. The Gateway blocks the request and the AI Passport records the detection event for security audit trails.