@blindfold/cli
v1.0.2
CLI for Blindfold PII detection and protection
Blindfold CLI
Detect, redact, tokenize, and mask PII from the terminal. 80+ entity types, 30+ countries, works offline with zero dependencies.
Why Blindfold CLI?
- Works offline, zero dependencies — No API key needed for local detection. No network calls. No data leaves your machine.
- 80+ PII entity types across 30+ countries with checksum validation (Luhn, IBAN mod-97, Verhoeff, etc.)
- Run on your own infrastructure — Install locally, in CI/CD pipelines, or on air-gapped servers. Everything runs on your machine.
- 8 operations: detect, redact, tokenize, detokenize, mask, hash, encrypt, synthesize
- Compliance-ready — Built-in GDPR, HIPAA, PCI-DSS policies
- Optional NLP upgrade — Add API key to detect names, addresses, organizations (60+ additional entities)
- Pipe-friendly — stdin, file input, JSON output, quiet mode for scripting
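What checksum validation adds to pattern matching, shown as an added JavaScript example (not Blindfold's source; the function names and sample text are constructed for illustration): a digit run or IBAN-shaped string is only a candidate until its Luhn or mod-97 check passes.

```javascript
// Added illustration, not Blindfold's source. All function names are hypothetical.

// Luhn: walking from the right, double every second digit (minus 9 if > 9);
// the total must be divisible by 10.
function luhnValid(digits) {
  if (!/^\d{13,19}$/.test(digits)) return false;
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// IBAN mod-97: move the first four characters to the end, map A..Z to 10..35,
// and the resulting decimal number must leave remainder 1 when divided by 97.
function ibanValid(iban) {
  const s = iban.replace(/\s+/g, '').toUpperCase();
  if (!/^[A-Z]{2}\d{2}[A-Z0-9]{11,30}$/.test(s)) return false;
  let rem = 0;
  for (const ch of s.slice(4) + s.slice(0, 4)) {
    const v = ch >= 'A' ? ch.charCodeAt(0) - 55 : ch.charCodeAt(0) - 48;
    rem = (rem * (v > 9 ? 100 : 10) + v) % 97; // stays small, no BigInt needed
  }
  return rem === 1;
}

// Pattern match first, then checksum. Candidates that fail are returned too,
// flagged, so the caller can choose between dropping and low-confidence review.
function scan(text) {
  const hits = [];
  for (const m of text.matchAll(/\b\d(?:[ -]?\d){12,18}\b/g)) {
    hits.push({ type: 'card', value: m[0], checksumOk: luhnValid(m[0].replace(/[ -]/g, '')) });
  }
  // Compact (unspaced) IBANs only, to keep the pattern short.
  for (const m of text.matchAll(/\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b/g)) {
    hits.push({ type: 'iban', value: m[0], checksumOk: ibanValid(m[0]) });
  }
  return hits;
}

// Constructed sample: a standard test card number, a 16-digit tracking number,
// the widely published example IBAN, and the same IBAN with its last digit changed.
const SAMPLE = 'order 4111 1111 1111 1111 shipped; tracking 1234 5678 9012 3456; ' +
  'pay GB82WEST12345698765432 not GB82WEST12345698765433';

console.log(scan(SAMPLE));
```

The tracking number and the altered IBAN match the patterns but fail their checksums, which is the false-positive case the check exists to filter; a mistyped real card number would fail the same way, so rejected candidates are worth keeping at low confidence rather than discarding silently.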
Install
```bash
npm install -g @blindfold/cli
```
Or run directly with npx (no install):
```bash
npx -y @blindfold/cli detect "Contact John at [email protected]"
```
Quick Start (no API key needed)
```bash
# Detect PII locally — no API key, no network call
blindfold detect "Email [email protected], SSN 123-45-6789"
# Email Address: [email protected] (score: 0.95)
# Social Security Number: 123-45-6789 (score: 1.0)

# Redact PII locally
blindfold redact "Email [email protected], SSN 123-45-6789"
# "Email, SSN"

# Tokenize (reversible)
blindfold tokenize "Patient: Sarah Johnson, SSN: 123-45-6789"
# "Patient: <Person_1>, SSN: <Social Security Number_1>"

# Mask (partial)
blindfold mask "Card: 4532-1234-5678-9010"
# "Card: ***************9010"
```
Everything above runs 100% locally. No API key. No network calls. No data leaves your machine.
Use with --local flag
When you have an API key configured but want to force local-only processing:
```bash
# Force local mode — no data sent to any API
blindfold detect --local "SSN 123-45-6789"

# Useful for air-gapped environments or strict data residency
blindfold redact --local --file sensitive-data.txt
```
Upgrade to Blindfold API (optional)
For names, addresses, organizations, and 60+ entity types, add your API key:
- Sign up at blindfold.dev
- Get your API key at app.blindfold.dev/api-keys
- Save it:
```bash
blindfold config set-key your_api_key
# or set environment variable: BLINDFOLD_API_KEY=sk-***
```
```bash
# With API key — auto-switches to NLP-powered detection
blindfold detect "John Smith lives at 123 Oak Street"
```
Commands
| Command | Description |
|---------|-------------|
| detect | Detect PII without modifying text |
| tokenize | Replace PII with reversible tokens |
| detokenize | Restore original values from tokens |
| redact | Permanently remove PII |
| mask | Partially hide PII |
| synthesize | Replace with realistic fake data |
| hash | One-way hash PII |
| encrypt | Encrypt PII with AES |
| discover | Analyze samples for PII types |
| config | Manage API key and settings |
Input Methods
```bash
# Inline argument
blindfold detect "Contact John at [email protected]"

# Pipe from stdin
echo "Patient SSN: 123-45-6789" | blindfold redact

# Read from file
blindfold tokenize --file patient-notes.txt

# Batch processing from file (one text per line)
blindfold detect --batch --file records.txt
```
Output Formats
```bash
# Human-readable (default)
blindfold detect "John Doe, [email protected]"

# JSON (for scripts)
blindfold detect --json "John Doe, [email protected]"

# Quiet (just the transformed text)
blindfold redact --quiet "Call John at 555-0123"
```
Common Options
All PII commands accept:
```
-p, --policy <name>      Detection policy (basic, strict, gdpr_eu, hipaa_us, pci_dss)
-e, --entities <types>   Comma-separated entity types
-t, --threshold <n>      Minimum confidence score (0.0-1.0)
-f, --file <path>        Read input from file
--batch                  Process file line-by-line
--local                  Force local mode (no API calls)
--locales <codes>        Locale codes (e.g., us,eu,uk,de)
```
Global options:
```
--api-key <key>          Override API key
--base-url <url>         Override API base URL
--region <region>        Data residency region (eu, us)
--json                   Output raw JSON
--quiet                  Output only transformed text
```
Command-Specific Options
```bash
# Mask with custom settings
blindfold mask --masking-char "#" --chars-to-show 4 --from-end "Card: 4532-1234-5678-9010"

# Hash with specific algorithm
blindfold hash --hash-type sha256 --hash-length 12 "[email protected]"

# Encrypt with password
blindfold encrypt --encryption-key "my-secret" "Confidential data"

# Synthesize in German
blindfold synthesize --language de "Patient: Hans Mueller, Berlin"

# Detokenize with mapping
blindfold detokenize --mapping '{"<Person_1>":"John Doe"}' "Contact <Person_1>"
```
Configuration
API key resolution order:
- --api-key flag
- BLINDFOLD_API_KEY environment variable
- Saved config (~/.config/blindfold/config.json)
```bash
blindfold config set-key your_api_key   # Save API key
blindfold config show                   # Show current config
blindfold config clear                  # Remove saved config
blindfold config path                   # Print config file path
```
Detection Policies
| Policy | Use Case |
|--------|----------|
| basic | Common PII (names, emails, phones) |
| strict | Maximum detection, all entity types |
| gdpr_eu | EU GDPR-relevant entities |
| hipaa_us | US healthcare (PHI, SSN, insurance) |
| pci_dss | Payment card data (credit cards, IBANs) |
Examples
```bash
# CI/CD: redact logs before storage (local, no API key)
cat app.log | blindfold redact --quiet --policy strict > clean.log

# Script: get entities as JSON
entities=$(blindfold detect --json "John Doe, SSN 123-45-6789")

# HIPAA compliance check
blindfold detect --policy hipaa_us --file patient-records.txt

# Air-gapped server: force local mode
blindfold redact --local --file sensitive-export.csv --quiet > clean.csv

# Process EU data with EU-specific entities
blindfold detect --locales eu,de,fr --file eu-customer-data.txt
```
License
MIT
