Nyraxis AI

Secrets Detection

Detects API keys, tokens, passwords, private keys, and credentials in prompts and responses.

Secrets Detection prevents accidental exposure of credentials and sensitive tokens in LLM interactions. It uses always-on pattern matching to identify API keys, passwords, private keys, and connection strings before they can be logged, cached, or leaked through model responses.

What it detects

  • API keys (OpenAI, Stripe, GitHub, Google, etc.)
  • Bearer tokens and JWTs
  • Passwords and passphrases
  • Private keys (RSA, EC, PGP)
  • AWS credentials (access key ID and secret access key)
  • Database connection strings (PostgreSQL, MySQL, MongoDB)
  • OAuth client secrets
  • Webhook signing secrets

Configuration

{
  "policy_type": "secrets_detection",
  "mode": "blocking",
  "config": {}
}

No configuration needed — all patterns are always active.

Example violation

{
  "policy_type": "secrets_detection",
  "severity": "high",
  "description": "AWS secret access key detected in user input",
  "details": {
    "secret_type": "aws_secret_key",
    "position": { "start": 15, "end": 55 }
  }
}
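
The following added example (not Nyraxis code) shows one way a caller could use the `position` offsets from a violation to redact the secret before the prompt reaches application logs. It assumes `start` and `end` are 0-based character offsets into the scanned text with an exclusive `end`, which matches the 40-character span in the violation above; `redact_violations`, the prompt, and the key value are constructed for illustration.

```python
import json

# Constructed sample data: a fake 40-character key placed at offset 15.
FAKE_SECRET = "A1b2" * 10
PROMPT = "my aws key is: " + FAKE_SECRET + " please debug"
SAMPLE_VIOLATION = """{
  "policy_type": "secrets_detection",
  "severity": "high",
  "description": "AWS secret access key detected in user input",
  "details": {"secret_type": "aws_secret_key",
              "position": {"start": 15, "end": 55}}
}"""


def redact_violations(text, violations):
    """Replace every reported secret span in text with a typed marker."""
    spans = []
    for v in violations:
        if v.get("policy_type") != "secrets_detection":
            continue
        details = v.get("details", {})
        pos = details.get("position", {})
        start, end = pos.get("start"), pos.get("end")
        # Fail closed: never fall back to logging the raw text.
        if not (isinstance(start, int) and isinstance(end, int)
                and 0 <= start < end <= len(text)):
            raise ValueError("violation position does not fit the input text")
        spans.append((start, end, details.get("secret_type", "unknown")))

    spans.sort()
    out, cursor = [], 0
    for start, end, kind in spans:
        if end <= cursor:      # fully inside a span already redacted
            continue
        start = max(start, cursor)  # trim overlap with the previous span
        out.append(text[cursor:start])
        out.append(f"[REDACTED:{kind}]")
        cursor = end
    out.append(text[cursor:])
    return "".join(out)


if __name__ == "__main__":
    print(redact_violations(PROMPT, [json.loads(SAMPLE_VIOLATION)]))
```

Log the redacted string together with `secret_type` and `severity`, not the original prompt, so the audit trail records the event without storing the credential.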

Best practices

  • Enable on both input and output to catch secrets in model responses too
  • Pair with PII detection for comprehensive data loss prevention
  • Alert your security team on repeated secret exposure from the same user
  • Use in all environments including development to build safe habits early
