npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@blindfold/sdk

v1.0.2

Published

JavaScript/TypeScript SDK for Blindfold Gateway

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

michalvichmichalvich

Keywords

blindfoldpiipii-detectionpersonally-identifiable-informationdata-maskinganonymizationredactiontokenizationdata-privacyprivacysecuritygdprhipaapci-dssllmaioffline-piipresidio-alternative

Readme

Blindfold JS SDK

Detect, redact, tokenize, and mask PII in JavaScript/TypeScript. 80+ entity types, 30+ countries, works offline with zero dependencies.

npm version License

Why Blindfold?

  • Works offline, zero dependencies — No API key needed for local detection. No network calls. No external packages.
  • 80+ PII entity types across 30+ countries with checksum validation (Luhn, IBAN mod-97, Verhoeff, etc.)
  • 85x faster than Presidio — 0.4s vs 34s on 3,000 samples (benchmark)
  • Higher accuracy — F1 58.6% vs Presidio 38.8% on AI4Privacy multilingual benchmark
  • 8 operations: detect, redact, tokenize, detokenize, mask, hash, encrypt, synthesize
  • Compliance-ready — Built-in GDPR, HIPAA, PCI-DSS policies
  • Optional NLP upgrade — Add API key to detect names, addresses, organizations (60+ additional entities)
  • Batch processing, typed errors, full TypeScript support

Quick Comparison

| Feature | Blindfold | Presidio | regex-only | |---|---|---|---| | Entity types (local) | 80+ | ~20 | Custom | | Countries | 30+ | ~5 | Custom | | Checksum validation | Luhn, mod-97, Verhoeff, ... | Partial | No | | Speed (3K samples) | 0.4s | 34s | Varies | | Zero dependencies | Yes | No (spaCy) | Yes | | NLP upgrade path | Yes (API) | Yes (built-in) | No | | Tokenize/detokenize | Yes | No | No |

Common Use Cases

  • Sanitize LLM prompts — Strip PII before sending to OpenAI, Anthropic, etc.
  • PII-safe RAG pipelines — Redact before embedding, restore after retrieval
  • Log scrubbing — Anonymize data in logs and data pipelines
  • GDPR/HIPAA compliance — Built-in policies for AI applications
  • Synthetic test data — Format-preserving fake data generation

Install

npm install @blindfold/sdk
# or
yarn add @blindfold/sdk
# or
pnpm add @blindfold/sdk

Quick Start (no API key needed)

import { Blindfold } from '@blindfold/sdk'

const client = new Blindfold()

// Detect PII locally — no API key, no network call
const result = await client.detect("Email [email protected], SSN 123-45-6789")
for (const entity of result.detected_entities) {
  console.log(`${entity.type}: ${entity.text} (score: ${entity.score})`)
}
// Email Address: [email protected] (score: 0.95)
// Social Security Number: 123-45-6789 (score: 1.0)

// Redact PII locally
const redacted = await client.redact("Email [email protected], SSN 123-45-6789")
console.log(redacted.text)
// "Email, SSN"

Protect AI Prompts

Tokenize PII before sending to any LLM. The AI never sees real data.

OpenAI

import { Blindfold } from '@blindfold/sdk'
import OpenAI from 'openai'

const bf = new Blindfold() // Free local mode
const openai = new OpenAI()

// 1. Tokenize PII
const safe = await bf.tokenize("My name is John Smith, email [email protected]")
// safe.text → "My name is <Person_1>, email <Email Address_1>"

// 2. Send to GPT — PII never reaches OpenAI
const response = await openai.chat.completions.create({
  model: 'gpt-4o',
  messages: [{ role: 'user', content: safe.text }]
})

// 3. Restore original data
const result = bf.detokenize(response.choices[0].message.content, safe.mapping)
console.log(result.text)

Anthropic Claude

import { Blindfold } from '@blindfold/sdk'
import Anthropic from '@anthropic-ai/sdk'

const bf = new Blindfold()
const anthropic = new Anthropic()

const safe = await bf.tokenize("My name is John Smith, email [email protected]")

const response = await anthropic.messages.create({
  model: 'claude-sonnet-4-20250514',
  max_tokens: 1024,
  messages: [{ role: 'user', content: safe.text }]
})

const result = bf.detokenize(response.content[0].text, safe.mapping)
console.log(result.text)

Works with any AI provider: OpenAI, Anthropic Claude, Google Gemini, AWS Bedrock, Azure OpenAI, LangChain, LlamaIndex, Vercel AI SDK, CrewAI — see all integrations.

Upgrade to Blindfold API (optional)

For names, addresses, organizations, and 60+ entity types, add your API key:

  1. Sign up at blindfold.dev
  2. Get your API key at app.blindfold.dev/api-keys
  3. Set environment variable: BLINDFOLD_API_KEY=sk-***
// With API key — auto-switches to NLP-powered API
const client = new Blindfold({ apiKey: 'sk-...' })
const result = await client.detect("John Smith lives at 123 Oak Street")

Initialization

import { Blindfold } from '@blindfold/sdk'

// Local mode (no API key) — regex-based detection
const client = new Blindfold()

// API mode (with API key) — NLP-powered detection
const client = new Blindfold({ apiKey: 'sk-...' })

// Force local mode even with an API key (useful for latency-critical paths)
const client = new Blindfold({ apiKey: 'sk-...', mode: 'local' })

Operations

Tokenize (Reversible)

Replace sensitive data with reversible tokens (e.g., <Person_1>).

const response = await client.tokenize(
  "Contact John Doe at [email protected]",
  {
    policy: 'gdpr_eu',  // Optional: 'hipaa_us', 'basic', 'pci_dss', 'strict'
    entities: ['person', 'email address'],  // Optional: filter entities
    score_threshold: 0.4  // Optional: confidence threshold
  }
)

console.log(response.text)
// "Contact <Person_1> at <Email Address_1>"

console.log(response.mapping)
// { "<Person_1>": "John Doe", "<Email Address_1>": "[email protected]" }

Detokenize

Restore original values from tokens. Runs client-side — no API call.

// No await needed — runs locally!
const original = client.detokenize(
  "AI response for <Person_1>",
  response.mapping
)
console.log(original.text)
// "AI response for John Doe"

Redact

Permanently remove sensitive data.

const response = await client.redact(
  "My password is secret123",
  { entities: ['person', 'email address'] }
)

Mask

Partially hide sensitive data (e.g., ****-****-****-1234).

const response = await client.mask(
  "Credit card: 4532-7562-9102-3456",
  { masking_char: '*', chars_to_show: 4, from_end: true }
)
console.log(response.text)
// "Credit card: ***************3456"

Hash

Replace data with deterministic hashes (useful for analytics/matching).

const response = await client.hash(
  "User ID: 12345",
  { hash_type: 'sha256', hash_prefix: 'ID_' }
)

Encrypt

Encrypt sensitive data using AES (reversible with key).

const response = await client.encrypt(
  "Secret message",
  { encryption_key: 'your-secure-key-min-16-chars' }
)

Synthesize

Replace real data with realistic fake data. Works offline with format-preserving generation.

// Works offline — no API key required
const client = new Blindfold()
const response = await client.synthesize("Email [email protected], SSN 123-45-6789")
console.log(response.text)
// "Email [email protected], SSN 847-29-3156"

// With API key — NLP-powered synthesis (names, addresses, etc.)
const response = await client.synthesize(
  "John lives in New York",
  { language: 'en' }
)
console.log(response.text)
// "Michael lives in Boston"

Batch Processing

Process multiple texts in a single request (max 100 texts):

const result = await client.tokenizeBatch(
  ["Contact John Doe", "[email protected]", "No PII here"],
  { policy: "gdpr_eu" }
)

console.log(result.total)      // 3
console.log(result.succeeded)  // 3
console.log(result.failed)     // 0

result.results.forEach(item => console.log(item.text))

All methods have batch variants: tokenizeBatch, detectBatch, redactBatch, maskBatch, synthesizeBatch, hashBatch, encryptBatch.

Local PII Scanner

The built-in regex scanner works offline with zero dependencies. Use it directly for fine-grained control:

import { PIIScanner, EntityType } from '@blindfold/sdk/regex'

// Default: US locale
const scanner = new PIIScanner()
const matches = scanner.detect("Call me at [email protected] or 555-867-5309")

for (const match of matches) {
  console.log(`${match.entityType}: ${match.text} (score: ${match.score})`)
}

// Redact PII
const { text, matches: redacted } = scanner.redact("SSN 123-45-6789, CC 4532015112830366")
console.log(text)
// "SSN, CC"

Multi-locale support

// US + EU entities
const scanner = new PIIScanner({ locales: ['us', 'eu'] })
const matches = scanner.detect("SSN 123-45-6789, IBAN DE89370400440532013000")

// UK entities
const scanner = new PIIScanner({ locales: ['uk'] })
const matches = scanner.detect("NI number: AB 12 34 56 A")

// All locales
const scanner = new PIIScanner({ locales: ['us', 'eu', 'uk'] })

Filter by entity type

// Only detect emails and credit cards
const scanner = new PIIScanner({ entities: [EntityType.EMAIL, EntityType.CREDIT_CARD] })

Error Handling

import { AuthenticationError, APIError, NetworkError } from '@blindfold/sdk'

try {
  await client.tokenize("...")
} catch (error) {
  if (error instanceof AuthenticationError) {
    // Handle invalid API key
  } else if (error instanceof APIError) {
    // Handle API error (e.g. validation)
  } else if (error instanceof NetworkError) {
    // Handle network issues
  }
}

| Entity Type | Locale | Validation | |---|---|---| | Email Address | Universal | RFC 5322 pattern | | Credit Card Number | Universal | Luhn checksum | | Phone Number | Universal | Format + digit count | | IP Address (v4/v6) | Universal | Octet range | | URL | Universal | TLD validation | | MAC Address | Universal | Pattern | | Date of Birth | Universal | Context-required | | CVV/CVC | Universal | Context-required | | Social Security Number | US | Format rules + context | | Driver's License | US | Multi-state formats + context | | US Passport | US | Context-required | | Tax ID / EIN | US | Prefix validation + context | | ZIP Code | US | Context-required + validator | | US ITIN | US | Format validation | | IBAN | EU | ISO 7064 mod-97 checksum | | Postal Code | EU | DE/FR/NL patterns | | VAT ID | EU | Country prefix + format | | UK NI Number | UK | Format validation | | UK NHS Number | UK | Modulus-11 checksum | | UK Postcode | UK | Pattern | | UK Passport | UK | Context-required | | UK UTR | UK | Mod-11 checksum | | German Personal ID | DE | Context-required | | German Tax ID | DE | Check digit | | French National ID (NIR) | FR | Check digit | | French SIREN | FR | Luhn checksum | | Spanish DNI | ES | Letter validation | | Spanish NIE | ES | Letter validation | | Spanish NSS | ES | Mod-97 checksum | | Spanish CIF | ES | Custom checksum | | Italian Codice Fiscale | IT | Check digit | | Italian Partita IVA | IT | Luhn-like checksum | | Portuguese NIF | PT | Check digit | | Dutch BSN | NL | Modulus-11 check | | Belgian National Number | BE | Mod-97 checksum | | Belgian Enterprise Number | BE | Mod-97 checksum | | Austrian SVNR | AT | Mod-11 checksum | | Swiss AHV | CH | EAN-13 checksum | | Irish PPS Number | IE | Mod-23 checksum | | Polish PESEL | PL | Check digit | | Polish NIP | PL | Check digit | | Polish REGON | PL | Mod-11 checksum | | Czech Birth Number | CZ | Modulus validation | | Czech ICO (Company ID) | CZ | Mod-11 weighted checksum | | Czech DIC (Tax/VAT ID) | CZ | ICO checksum / mod-11 | | Czech Bank Account | CZ | Mod-11 weighted checksum | | Slovak Birth Number | SK | Modulus validation | | Slovak ICO | SK | Mod-11 weighted checksum | | Slovak DIC | SK | Mod-11 divisibility | | Romanian CNP | RO | Check digit | | Romanian CUI | RO | Mod-11 checksum | | Danish CPR | DK | Date validation | | Danish CVR | DK | Mod-11 checksum | | Swedish Personnummer | SE | Luhn algorithm | | Swedish Organisationsnummer | SE | Luhn algorithm | | Norwegian Birth Number | NO | Check digit | | Norwegian Organisasjonsnummer | NO | Mod-11 checksum | | Finnish HETU | FI | Mod-31 checksum | | Finnish Y-tunnus | FI | Mod-11 checksum | | Hungarian Tax ID | HU | Mod-11 checksum | | Hungarian TAJ | HU | Mod-10 checksum | | Bulgarian EGN | BG | Mod-11 checksum | | Croatian OIB | HR | ISO 7064 MOD 11,2 | | Slovenian EMSO | SI | Mod-11 checksum | | Slovenian Tax Number | SI | Mod-11 checksum | | Lithuanian Personal Code | LT | Dual-pass mod-11 | | Latvian Personal Code | LV | Weighted checksum | | Estonian Personal Code | EE | Dual-pass mod-11 | | Russian INN | RU | Check digit | | Russian SNILS | RU | Check digit | | Canadian SIN | CA | Luhn checksum | | Australian TFN | AU | Mod-11 checksum | | Australian Medicare | AU | Mod-10 checksum | | New Zealand IRD | NZ | Dual-pass mod-11 | | Indian Aadhaar | IN | Verhoeff algorithm | | Indian PAN | IN | Format validation | | Japanese My Number | JP | Mod-11 checksum | | Korean RRN | KR | Weighted checksum | | South African ID | ZA | Luhn checksum | | Turkish Kimlik | TR | Custom dual check | | Israeli ID | IL | Luhn checksum | | Brazilian CPF | BR | Check digit | | Brazilian CNPJ | BR | Check digit | | Argentine CUIT | AR | Mod-11 checksum | | Chilean RUT | CL | Mod-11 with K | | Colombian NIT | CO | Mod-11 prime weights |

Add your API key to unlock names, addresses, organizations, and 60+ additional entity types with NLP-powered detection.