TeleonTeleon AITeleon AI

Redact PII with Sentinel

Configure Sentinel to detect and redact PII instead of blocking

This tutorial uses Sentinel’s PII detection and the redact action.

If you want to understand all Sentinel actions (block, flag, redact, escalate) and how they interact with inputs, outputs, and tool calls, see:

  • /docs/guides/sentinel-guardrails
  • /docs/api-reference/sentinel

What this tutorial covers

  • Enabling Sentinel with action_on_violation: "redact"
  • Direct PII detection and redaction with PIIDetector
  • Supported PII types and redaction behavior

1) Install and initialize

pip install teleon
from teleon import TeleonClient
 
client = TeleonClient(api_key="tlk_live_xxx")

2) Enable Sentinel with redaction

@client.agent(
    name="support",
    sentinel={
        "pii_detection": True,
        "action_on_violation": "redact",
    },
)
async def support_agent(query: str):
    return "ok"

With action_on_violation: "redact", Sentinel masks detected PII (for example: email addresses, SSNs, credit cards) and continues execution.

In redact mode:

  • Sentinel does not raise AgentValidationError for PII violations.
  • Redaction tokens like [EMAIL_REDACTED] replace the sensitive spans.

3) Quick redaction example

Input:

My email is john@example.com and my SSN is 123-45-6789

Redacted:

My email is [EMAIL_REDACTED] and my SSN is [SSN_REDACTED]

4) Direct PII detection

from teleon.sentinel.pii_detector import PIIDetector
 
detector = PIIDetector()
detected = detector.detect(text)
redacted = detector.redact(text)

If you’re using SentinelEngine directly, the redacted content is exposed on GuardrailResult.redacted_content.

5) Common PII types

Sentinel supports redaction for the following categories:

  • Contact
    • Emails
    • Phones (US/UK/EU/intl)
  • Government identifiers
    • SSNs
    • Passports
  • Financial
    • Credit cards
    • IBANs
    • EU VAT numbers
  • Network
    • IP addresses
  • Personal attributes
    • Dates of birth
    • Addresses
    • Names

Examples and redaction tokens

PII typeExampleRedaction token
Emailjohn@example.com[EMAIL_REDACTED]
Phone+44 20 7123 4567[PHONE_REDACTED]
SSN123-45-6789[SSN_REDACTED]
Credit card4532-0151-1283-0366[CREDIT_CARD_REDACTED]
IBANDE89 3704 0044 0532 0130 00[IBAN_REDACTED]
EU VATDE123456789[VAT_REDACTED]
IP address192.168.1.100[IP_REDACTED]
PassportAB1234567[PASSPORT_REDACTED]
Date of birth1990-01-15[DOB_REDACTED]
Address123 Main St, Apt 4[ADDRESS_REDACTED]
NameDr. Jane Doe[NAME_REDACTED]

Credit cards are validated using the Luhn algorithm to reduce false positives.

Note: PII field names in the detect() return dict are singular: email, phone, ssn, credit_card, ip_address, iban, vat, passport, dob, address, name.

On this page