Strip PII from CSV & JSON.
Paste a dataset, get a column-aware redaction plan, toggle which columns to mask, and download the cleaned file. Built for analysts, support teams, and anyone who needs to share data with an AI without leaking real customers.
Paste a CSV
What gets caught
Column-name auto-classification
- email / e_mail / user_email
- phone / mobile / cell
- name / first_name / last_name
- ssn / aadhaar / pan
- card_number / cvv
- ip / ip_address
- dob / birth_date
- address / street / zip
- passport / license / national_id
- password / token / api_key / secret
- latitude / longitude
Value-level detection (any column)
- API keys (AWS / OpenAI / GitHub / Stripe / Anthropic / …)
- JWTs and bearer tokens
- Private key blocks
- Mongo / Postgres / MySQL connection URIs
- Emails inside notes / comments columns
- Phone numbers in international formats
- Credit cards (Luhn-validated)
- Aadhaar (Verhoeff-validated)
- IPv4 / IPv6 addresses
Output
- Structurally identical to your input
- CSV mode: preserves headers, escapes correctly
- JSON mode: parses + walks the tree
- Masked tokens are descriptive ([EMAIL_MASKED])
- Download as .csv / .json
- Or copy-paste into your data tool
FAQ
›Will this work on huge datasets?
Yes — parsing and masking run in your browser. The bottleneck is browser memory; 100,000-row CSVs work comfortably on typical laptops. For multi-million-row datasets, use the CLI (npx fixaiprompt) when we ship it.
›Does anything leave my browser?
No. All parsing, classification, and redaction happens client-side. There is no server-side processing — we never receive your data.
›What if my column has a weird name?
Anything we don't recognize gets classified as 'Other' and left un-masked by default. Toggle the checkbox to force-mask any column you want.
›Can it catch secrets buried inside a free-text column?
Yes — even on un-masked columns, we run the same secret/PII detector that powers Safe Paste over every cell. If you have an API key sitting inside a 'notes' or 'description' column, it'll get caught.