PII Redaction at the Edge.
SentryPaste is a local-first agent that intercepts sensitive data before it leaves your clipboard. No cloud scanning. No latency. No "Shadow AI" risk.
Architecture of Trust
All redaction happens inside the user's device. Only clean payloads leave the boundary.
12026-02-14 ERROR: Login failed for user dev-lead@fintech-alpha.io.2Internal Key: sk_live_51Px992...3Ref: 192.168.1.45
12026-02-14 ERROR: Login failed for user [EMAIL_1].2Internal Key: [API_KEY_1]3Ref: [IP_ADDR_1]
Security Guarantee
Designed for zero-trust orgs that can't risk cloud scanning.
100% On-Device
A local enclave keeps raw clipboard data off our servers.
Sub-10ms Latency
Sensitive data is masked instantly with zero cloud round-trips.
Deterministic Tokenization
Stable placeholders preserve LLM context without exposing PII.
How it Works
The Interceptor
Watches clipboard and input surfaces before paste events fire.
The Engine
Scans for high-risk patterns and replaces them deterministically.
The Vault
Keeps mappings in local memory for safe rehydration when needed.
FAQ
How does local redaction work without cloud latency?
Redaction happens on-device in memory before paste events fire. Deterministic tokens replace PII so workflows stay instant without any network round-trip.
Is my data ever sent to SentryPaste servers?
No. Raw clipboard data never leaves the device. Only sanitized output is shared with external tools.
Does it work across all browsers or just Chrome?
It operates at the system level and works across all major browsers, including Chrome, Edge, Firefox, and Safari.
Join the Design Partner Program
Help shape the local-first security standard for your team.