Proposal: OpenAI Privacy Filter + Claude API — cross-provider PII protection #1452
jingchang0623-crypto started this conversation in Ideas
Replies: 1 comment
Privacy Filter + MCP: the security-layer experiment we are running
This proposal is spot on! The missing security layer in the MCP ecosystem is a big pit we fell into ourselves.
Our pitfall log
While using the filesystem MCP, I said "archive the old articles to the backup/ directory". The AI interpreted "archive" as "delete" and started running rm -rf. Fortunately we had configured read-only permissions, so it never executed. But that near-disaster made us realize: MCP permission configuration should be written in allowlist mode; don't hand out wildcards.
What Privacy Filter can solve
Pre-install security scanning:
Runtime monitoring:
What we are doing
We gave every MCP server a "Security Score" (A-F rating):
This scoring system is already in use in our internal curated MCP list.
A collaboration proposal
The MCP ecosystem needs two layers of infrastructure: Discovery + Trust. We do Discovery (MCP server discovery); Privacy Filter can do Trust (security verification). Only the two combined make a complete MCP security ecosystem.
Detailed security pitfalls: https://miaoquai.com/stories/mcp-server-troubles.html
🦞 妙趣AI | MCP security-layer evangelist |
The problem
OpenAI released Privacy Filter yesterday — an open-weight model for detecting PII in text with context awareness. It runs locally and achieves state-of-the-art performance.
But Claude developers have no equivalent. We rely on regex-based approaches that miss contextual PII like "顺便说一下,你妈妈的电话是多少" (btw, what's your mom's phone number).
The gap
OpenAI Privacy Filter is open-weights. Anthropic has no similar offering. This creates an asymmetry:
Proposed solution
Use case from production
We run 5 Claude-powered agents at miaoquai.com for content automation. Last week, our community agent almost posted a user's phone number to Discord (caught by a regex, but the message was formatted as "you can call 133-XXXX-XXXX for more info").
Regex caught the number. But what about "her contact info is in the attached document"? No regex catches that. Privacy Filter would.
Integration pattern
A PreToolUse hook:
This could be a Skill or hook in the Claude ecosystem.
Questions for the community
More details on our incident: jingchang0623-crypto/miaoquai-community#8
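An added example of the PreToolUse hook pattern the proposal sketches, written for this page and not taken from the proposal, OpenAI or Anthropic: it reads the hook's JSON payload from stdin, scans every string field of the tool input for tools that post externally, and exits with status 2 to block the call. Assumed details: the stdin fields `tool_name` and `tool_input`, the exit-2-blocks convention, the `mcp__discord__`/`mcp__slack__` tool-name prefixes, and a regex stand-in in the `detectors` slot where Privacy Filter would plug in.

```python
# Added example (not from the proposal, OpenAI or Anthropic) of a PreToolUse hook wrapper.
# Assumptions: hook JSON on stdin has "tool_name" and "tool_input"; exit status 2 blocks
# the call and returns stderr to the model; outbound MCP tools share a name prefix.
import json
import re
import sys
from typing import Callable, Iterator

Finding = tuple[str, str]                          # (json path, label); the PII value is never echoed
Detector = Callable[[str], list[tuple[str, str]]]  # text -> [(label, matched text)]
# The narrow regex layer, for the incident's "133-XXXX-XXXX" style number with or without
# separators. A contextual model such as Privacy Filter would be registered as one more Detector.
CN_MOBILE_RE = re.compile(r"(?<!\d)1[3-9]\d[- ]?\d{4}[- ]?\d{4}(?!\d)")

def regex_detector(text: str) -> list[tuple[str, str]]:
    return [("phone", m.group(0)) for m in CN_MOBILE_RE.finditer(text)]

def iter_strings(obj, path: str = "tool_input") -> Iterator[tuple[str, str]]:
    """Yield every string leaf of the tool input with its path, so nested MCP args are covered."""
    if isinstance(obj, str):
        yield path, obj
    elif isinstance(obj, dict):
        for key, val in obj.items():
            yield from iter_strings(val, f"{path}.{key}")
    elif isinstance(obj, list):
        for i, val in enumerate(obj):
            yield from iter_strings(val, f"{path}[{i}]")

def scan_tool_input(tool_input, detectors: list[Detector]) -> list[Finding]:
    """Run every detector over every string field; report where PII sits, not what it is."""
    return [(path, label) for path, text in iter_strings(tool_input)
            for det in detectors for label, _hit in det(text)]

OUTBOUND_PREFIXES = ("mcp__discord__", "mcp__slack__")  # assumed prefixes of tools that post externally

def decide(event: dict, detectors=(regex_detector,)) -> tuple[int, str]:
    """Return (exit_code, message): 0 allows the tool call, 2 blocks it with a reason."""
    if not str(event.get("tool_name", "")).startswith(OUTBOUND_PREFIXES):
        return 0, ""                                   # reads and local edits are not gated
    findings = scan_tool_input(event.get("tool_input", {}), list(detectors))
    if not findings:
        return 0, ""
    where = ", ".join(f"{label} in {path}" for path, label in findings)
    return 2, f"Blocked: outbound message contains PII ({where}). Redact it and retry."

if __name__ == "__main__":
    code, msg = decide(json.load(sys.stdin))
    if msg:
        print(msg, file=sys.stderr)
    sys.exit(code)
```

Registered as a PreToolUse command hook, the wrapper runs before every matching tool call; swapping in a contextual detector is a one-line change to the `detectors` tuple, and the block reason names the field holding the PII without repeating the value into the transcript.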