https://github.com/kisaesdevlab/vibe-shield

https://github.com/kisaesdevlab/vibe-shield

Last synced: 12 days ago
JSON representation

• Host: GitHub
• URL: https://github.com/kisaesdevlab/vibe-shield
• Owner: KisaesDevLab
• License: other
• Created: 2026-05-15T19:02:49.000Z (about 1 month ago)
• Default Branch: main
• Last Pushed: 2026-06-16T02:09:01.000Z (14 days ago)
• Last Synced: 2026-06-16T03:12:03.614Z (14 days ago)
• Language: TypeScript
• Size: 956 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

          
# Vibe Shield

Self-hosted PII redaction gateway between Vibe apps and the Anthropic Claude API. Runs on the Vibe Appliance, performs local PII detection (text **and** images) with Microsoft Presidio plus CPA-domain custom recognizers, swaps cleartext for deterministic per-session tokens, proxies the Anthropic Messages API, and re-identifies the response per policy. Names, SSNs, EINs, bank account / routing numbers, faces, and signatures never leave the firm's environment.

The full design — compliance objectives, architecture, phased build plan, and acceptance criteria — lives in [BUILD_PLAN.md](./BUILD_PLAN.md). Working agreements for Claude Code are in [CLAUDE.md](./CLAUDE.md).

## Status

**Pre-alpha.** Phases 1–4 of BUILD_PLAN.md are complete: repo foundation, FastAPI engine with Presidio + spaCy, seven CPA-domain custom recognizers, the whitelist post-processor, and the six regex backstops with miss logging. Sanitized 422 / 500 / 503 error envelopes enforce hard-rule #1 in error paths. Gateway, admin UI, token vault, and client SDK arrive in their respective phases.

## Quickstart

Requires Node.js ≥ 24, pnpm ≥ 9, Python 3.12, [uv](https://docs.astral.sh/uv/), and Docker.

```bash

pnpm install

make dev          # starts Postgres (host :5436) + Redis (host :6395)

make verify       # lint + typecheck + tests across all workspaces

# Schema integration tests need DATABASE_URL — point at the dev Postgres:

export DATABASE_URL="postgres://vibe:vibe@localhost:5436/vibe_shield"

pnpm --filter @kisaesdevlab/vibe-shield-schema test

```

Postgres is mapped to host port **5436** and Redis to **6395** (not the defaults 5432/6379) so they don't collide with system installs or other Vibe-stack services on the same dev box. Override either with `POSTGRES_PORT=…` or `REDIS_PORT=…`.

App services come up once their phases land:

```bash

docker compose --profile app up --build

```

## Stack

| Component | Tech | Phase |

|-----------|------|-------|

| `vibe-shield-gateway` | Node 24 + TypeScript + Express | 7–10 |

| `vibe-shield-engine` | Python 3.12 + FastAPI + Presidio | 2–6, 17 |

| `vibe-shield-admin` | React 18 + Vite + shadcn/ui | 13 |

| `@kisaesdevlab/vibe-shield-client` | TypeScript SDK | 14 |

| Storage | Postgres 16 + Redis 7 + BullMQ | 5–6, 8 |

## License

[PolyForm Internal Use 1.0.0](./LICENSE). Distribution requires a separate commercial license — contact KisaesDevLab.