npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@grepture/proxy

v0.1.5

Published

An LLM API proxy that detects and redacts PII, blocks sensitive content, and tokenizes fields — all before requests reach your AI provider.

Downloads

379

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

b3nm4nnb3nm4nn

Keywords

proxyaillmapi-gatewayguardrailsrate-limitingtokenizationpiiredaction

Readme

Grepture Proxy

An LLM API proxy that detects and redacts PII, blocks sensitive content, and tokenizes fields — all before requests reach your AI provider.

Quick Start

# Copy and edit the example rules
cp rules.example.json rules.json

# Start the proxy
bun run src/index.ts

The proxy starts on port 4001 by default. Send requests through it by setting the X-Grepture-Target header to your upstream API:

curl http://localhost:4001/proxy/ \
  -H "Authorization: Bearer any-token" \
  -H "X-Grepture-Target: https://api.anthropic.com/v1/messages" \
  -H "X-Grepture-Auth-Forward: Bearer sk-ant-..." \
  -H "Content-Type: application/json" \
  -d '{
    "model": "claude-sonnet-4-5-20250514",
    "max_tokens": 1024,
    "messages": [{"role": "user", "content": "My email is [email protected]"}]
  }'

The proxy will redact [email protected] before it reaches the API, based on your rules.

Configuration

| Environment Variable | Required | Default | Description | |---------------------|----------|---------|-------------| | GREPTURE_API_KEY | No | — | If set, only requests with this Bearer token are allowed. If unset, any token is accepted. | | GREPTURE_RULES_FILE | No | rules.json | Path to rules configuration file | | GREPTURE_PLUGINS | No | — | Comma-separated paths to plugin modules to load at startup | | PORT | No | 4001 | Port to listen on |

Rules

Rules are defined in a JSON file (default: rules.json). See rules.example.json for the full format.

Each rule has:

  • conditions — when to apply (match on headers, body, URL, model)
  • actions — what to do (redact PII, find/replace, tokenize, block, log)
  • apply_toinput (before forwarding), output (on response), or both
  • sampling_rate — percentage of requests to apply to (1-100)

Available Actions

| Action | Description | |--------|-------------| | redact_pii | Detect and redact PII using regex patterns (email, phone, SSN, credit card, IP, address, DOB) | | find_replace | Find and replace text (literal or regex) | | tokenize | Replace JSON fields with tokens, store originals for later restoration | | redact_field | Replace specific JSON fields with a fixed value | | block_request | Block the request with a custom status code and message | | log_only | Tag the request for logging without modifying it |

Rules are reloaded automatically when the file changes, or on SIGHUP.

Docker

docker build -t grepture-proxy .

docker run -p 4001:4001 \
  -v $(pwd)/rules.json:/app/rules.json \
  grepture-proxy

How It Works

Client → Proxy → [Auth] → [Input Rules] → [Forward] → [Output Rules] → [Detokenize] → Client
  1. Authenticate the request (optionally validate API key if GREPTURE_API_KEY is set)
  2. Apply input rules (redact PII, block, tokenize)
  3. Forward to the upstream API (set via X-Grepture-Target)
  4. Apply output rules to the response
  5. Restore tokenized values
  6. Return the response

Supports both buffered and streaming (SSE) responses. Token restoration works across streamed chunks.