CADLP is an open-source proxy layer that intercepts prompts sent to LLM APIs and detects, classifies, and redacts sensitive enterprise data before it leaves the organization. Four-stage pipeline, zero-retention audit logging, utility-preserving redaction.
The Contextual Sensitivity Classifier (CSC) runs four stages in cascade. Each stage emits a SensitivityMap that drives the Policy Engine, which issues an ALLOW, REDACT, BLOCK, or QUARANTINE decision before the prompt reaches the LLM API.
High-confidence structured secrets: API keys, private keys, JWT tokens, SSNs, credit cards, email addresses, and high-entropy opaque strings. Handles ~75% of sensitive prompts with sub-millisecond latency.
Named entity recognition with operational vs. exemplary disambiguation. Entities in hypothetical examples are suppressed; entities in action-verb contexts are escalated. Catches person names, org codes, and ticket IDs.
Parses embedded code blocks, analyzes import graphs and identifier patterns against an internal symbol corpus. Flags proprietary code fragments that neither regex nor NER can detect.
TF-IDF cosine similarity against an internal terminology knowledge base identifies domain-specific jargon and project codenames that appear innocuous to general NER models but carry confidential meaning.
Shadow AI is the defining enterprise data risk of this decade: employees using consumer LLM tools inadvertently expose credentials, PII, and proprietary code with no organizational visibility once it leaves the network boundary.
[EMAIL_1], [API_KEY_1]) maintain referential consistency across multi-turn sessions so redacted prompts still produce useful outputs.Evaluated on the SEPAD-10K synthetic enterprise prompt benchmark.
| Entity type | Stage | Method | Confidence |
|---|---|---|---|
| API Keys (OpenAI, AWS, etc.) | 1 | Regex | 0.95 – 0.99 |
| Private Keys / JWTs | 1 | Regex | 0.95 – 1.00 |
| SSN / Credit Cards / Email | 1 | Regex | 0.85 – 0.95 |
| High-entropy Secrets | 1 | Shannon Entropy | variable |
| Person Names / Org Codes / Ticket IDs | 2 | NER + Disambiguation | 0.60 – 0.95 |
| Proprietary Code Fragments | 3 | AST + Import Analysis | variable |
| Internal Terminology / Codenames | 4 | TF-IDF Similarity | variable |
Python 3.9+ required. No external dependencies for the base install.
pip install cadlp
from cadlp import ContextualSensitivityClassifier, UtilityPreservingRedactor
from cadlp.policy.engine import PolicyEngine, Action
csc = ContextualSensitivityClassifier()
upr = UtilityPreservingRedactor()
policy = PolicyEngine()
prompt = "Please reset the password for alice@company.com. Her SSN is 234-56-7890."
smap = csc.classify(prompt)
decision = policy.evaluate(smap)
if decision.action == Action.REDACT:
result = upr.redact(smap)
print(result.redacted_prompt)
# "Please reset the password for [EMAIL_1]. Her SSN is [SSN_1]."