Puddinhead detects and anonymizes sensitive data across text and API workflows.

Open docs
P Puddinhead PII detection and anonymization
Read docs Open docs

PII detection. Anonymization. API-ready output.

Sanitize sensitive text before it leaves your app.

Puddinhead detects and anonymizes emails, phone numbers, credit cards, IP addresses, and URLs in logs, form data, and API payloads with analyze(), anonymize(), and sanitize() across application and HTTP workflows.

Read the docs View API endpoint
  • Detect EMAIL_ADDRESS, PHONE_NUMBER, CREDIT_CARD, IP_ADDRESS, and URL
  • Choose replace, redact, mask, hash, or keep per entity
  • Use the package directly or call POST /analyze and POST /sanitize
sanitize() POST /sanitize
Example output
[REDACTED]

Input stays readable enough to debug without leaking private addresses or identifiers.

Install
npm
Endpoint
POST
Reference Value
Functionsanitize() Inputtest@gmail.com Output[REDACTED] Response{"sanitized":"..."}

Package

Node · logs · API Production-ready text protection

Response

{ "sanitized": "..." } Same shape every request

How It Works

PII detection and anonymization pipeline.

The pipeline accepts text, identifies supported entities, applies the configured operator, and returns sanitized output while preserving the surrounding context.

1. Input

Please email me at test@gmail.com Raw text enters the sanitizer.

2. Detect

Email pattern found The email address is identified as sensitive.

3. Replace

[REDACTED] Only the matched value is swapped out.

4. Output

Please email me at [REDACTED] Safe text is returned to your app or API.

Input

sanitize("Please email me at test@gmail.com")

Output

"Please email me at [REDACTED]"
01

Receive the text

The package accepts a normal string from your app, job, log formatter, or HTTP request body.

02

Scan for sensitive patterns

The analyzer scans the input and identifies values that match supported entity types such as email addresses and phone numbers.

03

Replace only the match

Instead of rewriting the whole sentence, the matched email is replaced with [REDACTED] so the rest of the message stays readable.

04

Return a safe result

If you call sanitize(), you get back a string. If you use POST /sanitize, the same value is returned inside JSON as {"sanitized":"..."}.

Docs

Core docs in four blocks.

Install, usage, API, and response examples.

01

Quick start

Install the package

npm install puddinhead
02

Example usage

Redact email addresses

sanitize("My email is test@gmail.com")

-> "My email is [REDACTED]"

03

API endpoint

Send a single request

POST /sanitize
04

Response example

Return the sanitized value

{
  "sanitized": "..."
}
Open the full docs page

Guardrails built in

Redaction should be transparent and easy to inspect.

Detection, operator choice, and output shape stay explicit so the behavior is easy to review, test, and trust in production.

Consistent placeholders

The output stays predictable so downstream tooling does not need custom parsing.

Small API surface

There is less room for confusion when the docs fit on one page and the endpoint fits in one line.

JSON-safe responses

The API returns a single sanitized field that is straightforward to inspect and forward.

Easy to review

Because the surface area is narrow, regressions are easier to spot before they ship.

Docs first

Install the package or hit the endpoint. That's the whole setup.

Open docs View API