Options
| Option | Default | Description |
|---|---|---|
enabled | true | Enable secrets detection |
action | mask | Action when secrets found |
entities | All supported types | Secret types to detect |
max_scan_chars | 200000 | Max characters to scan (0 = unlimited) |
log_detected_types | true | Log detected types (never logs content) |
Actions
| Action | Description |
|---|---|
mask | Replace secrets with placeholders, restore in response (default) |
block | Return HTTP 400, request never reaches the provider |
route_local | Route to local LLM (requires route mode) |
Mask (Default)
Block
Route to Local
Secret Types
All supported secret types are enabled by default. Setentities to a smaller
list if you want to scan only specific categories.
Private Keys
API Keys
Tokens
Environment Variables
Scan Roles
By default, PasteGuard scans user messages and tool results. It skips system, developer, and assistant text. Setscan_roles to replace that default:
| Scan label | Description |
|---|---|
user | User messages |
assistant | Assistant responses |
system | System prompts |
developer | Developer prompts |
tool | Tool results, including file reads and shell output |
function | Legacy OpenAI function results |
mcp | PasteGuard internal label for MCP tool items, such as Codex mcp_tool_call output |
scan_roles is set, PasteGuard scans exactly those roles.