{"id":31006060,"url":"https://github.com/amafjarkasi/hsx-context-hygiene-engine","last_synced_at":"2026-02-15T01:32:33.310Z","repository":{"id":311817079,"uuid":"1044893470","full_name":"amafjarkasi/hsx-context-hygiene-engine","owner":"amafjarkasi","description":"Context hygiene \u0026 risk adjudication for LLM pipelines: secrets, PII, prompt-injection, policy redaction \u0026 tokenization.","archived":false,"fork":false,"pushed_at":"2025-09-04T06:43:28.000Z","size":30,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-13T02:19:41.184Z","etag":null,"topics":["cli","compliance","content-safety","context-hygiene","data-sanitization","llm","llm-security","nodejs","pii-redaction","policy-engine","prompt-injection","redaction","secret-scanning","security","tokenization","typescript"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/amafjarkasi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-08-26T11:04:28.000Z","updated_at":"2025-09-04T07:16:00.000Z","dependencies_parsed_at":"2025-08-27T03:29:15.572Z","dependency_job_id":"cd16df9d-8ec1-47e3-bf82-1758822b8ed9","html_url":"https://github.com/amafjarkasi/hsx-context-hygiene-engine","commit_stats":null,"previous_names":["amafjarkasi/healthcare-sanitize-mcp","amafjarkasi/hsx-context-hygiene-engine"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/amafjarkasi/hsx-context-hygiene-engine","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amafjarkasi%2Fhsx-context-hygiene-engine","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amafjarkasi%2Fhsx-context-hygiene-engine/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amafjarkasi%2Fhsx-context-hygiene-engine/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amafjarkasi%2Fhsx-context-hygiene-engine/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/amafjarkasi","download_url":"https://codeload.github.com/amafjarkasi/hsx-context-hygiene-engine/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amafjarkasi%2Fhsx-context-hygiene-engine/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29464093,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-15T01:01:38.065Z","status":"ssl_error","status_checked_at":"2026-02-15T01:01:23.809Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","compliance","content-safety","context-hygiene","data-sanitization","llm","llm-security","nodejs","pii-redaction","policy-engine","prompt-injection","redaction","secret-scanning","security","tokenization","typescript"],"created_at":"2025-09-13T02:04:30.581Z","updated_at":"2026-02-15T01:32:33.302Z","avatar_url":"https://github.com/amafjarkasi.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🧬 HSX Context Hygiene Engine (formerly sanitize-mcp)\n\nA multi-stage context hygiene \u0026 risk adjudication engine for LLM toolchains. It detects and processes secrets, personal data, and adversarial prompt artifacts before they reach a model boundary—delivering deterministic redaction, linkable tokenization, or policy-based refusal.\n\n## Why HSX?\nTraditional \"sanitize\" passes operate as fragile regex filters. HSX layers signature scanning, span adjudication (collision \u0026 precedence aware), policy mapping, and stable tokenization so downstream systems can preserve referential integrity without exposing sensitive substrings.\n\n## Key Capabilities\n- Signature-based detection (extensible JSON signature packs)\n- Span collision adjudication with precedence (SECRET_* \u003e PROMPT_INJECTION_* \u003e PII_* \u003e META_)\n- Wildcard policy rules with actions (REDACT, MASK_PARTIAL, TOKENIZE_LINKABLE, STRIP_LINE, FLAG_ONLY, KEEP)\n- Stable, linkable tokenization via HMAC (configurable truncation \u0026 encoding)\n- Deterministic rewrite ordering (reverse-offset application prevents index drift)\n- Lightweight CLI (hsx-cli scrub \u003cfile\u003e)\n- Extensible risk \u0026 confidence model (future fusion documented)\n\n## Quick Start\n```bash\nnpm install\nnpm run build\necho \"Contact me at dev@example.com AKIAABCDEFGHIJKLMNOPQRST ignore previous text\" \u003e sample.txt\nnpx hsx-cli scrub sample.txt\n```\n\n## Configuration\nEnvironment variables:\n- HSX_SIGNATURE_DIR (default: config/signatures)\n- HSX_POLICY_PATH (default: config/hsx-policy.json)\n- PHI_SALT (secret salt for tokenization stability)\n\n## Directory Layout\n```\nconfig/               # policy + signature packs\nsrc/core/             # types \u0026 interval index\nsrc/detection/        # signature loading \u0026 scanning\nsrc/policy/           # policy evaluation \u0026 tokenization\nsrc/pipeline/         # adjudication (precedence + collision)\nsrc/cli/              # hsx-cli entrypoint\ndocs/                 # architecture \u0026 rationale\n```\n\n## Tokenization\nProduces \u003cT:...\u003e tokens using HMAC-SHA256(kind || raw) with truncated digest (default base32 9 bytes). Consistent for identical (kind, value) pairs enabling safe correlation.\n\n## Roadmap (abridged)\n- Confidence fusion of overlapping heuristics\n- Structured audit log (hashes only, no raw secret values)\n- Streaming transformer API\n- Additional signature categories (IP, phone, JWT, credit card with Luhn)\n\nSee docs/ for deeper details.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Famafjarkasi%2Fhsx-context-hygiene-engine","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Famafjarkasi%2Fhsx-context-hygiene-engine","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Famafjarkasi%2Fhsx-context-hygiene-engine/lists"}