Skip to main content

Documentation Index

Fetch the complete documentation index at: https://curia.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Curia’s PII redactor sits between agent responses and channel delivery. Before any outbound message reaches a recipient, it scans for sensitive data and replaces detected patterns with labelled tokens like [REDACTED: CREDIT_CARD]. The redactor is channel-aware — different channels can allow different types of information through.

What’s redacted by default

The redactor detects these PII patterns in all outbound messages:
PatternExampleReplacement
Email addressesalice@example.com[REDACTED: EMAIL]
Phone numbers+1-555-234-5678[REDACTED: PHONE]
Credit card numbers4111 1111 1111 1111[REDACTED: CREDIT_CARD]
US Social Security numbers123-45-6789[REDACTED: SSN]
Custom patternsConfigured per deploymentConfigurable replacement
You can add custom PII patterns for data types specific to your deployment (employee IDs, national ID numbers, etc.) via pii.extra_patterns in config/local.yaml. See the configuration reference for details.

The redaction pipeline

When an outbound message is ready for delivery, the redactor evaluates it in this order:
1

Kill switch check

If outbound_redaction.enabled is false, the message passes through unmodified. This is an emergency override, not a recommended configuration.
2

CEO bypass

If the recipient is the CEO (matched by contact UUID, resolved at startup), the message passes through unredacted. The CEO always sees full content.
3

Trust override

If the recipient’s trust level is in the trust_override list (e.g., ['ceo', 'high']), the message passes through. This allows high-trust contacts to receive unredacted content.
4

PII detection

The message content is scanned for all built-in and custom PII patterns.
5

Channel policy filtering

Detected patterns are filtered against the channel’s allow list. For example, the email channel policy might allow phone numbers through while redacting credit cards.
6

Replacement

Remaining patterns are replaced with labelled tokens (e.g., [REDACTED: CREDIT_CARD]). Replacements are applied end-to-start to preserve character positions.
7

Audit event

An outbound.pii_redacted event is published to the audit log recording the pattern label, channel, and replacement token. The original matched value is intentionally not stored in the audit event.

Per-channel policies

Different channels may have different sensitivity requirements. Configure per-channel allow lists to control which PII types pass through unredacted on each channel: 
# config/local.yaml
outbound_redaction:
  enabled: true
  trust_override: ['ceo', 'high']
  default: 'block'           # block PII on channels without an explicit policy
  channel_policies:
    email:
      allow: ['email', 'phone']   # email addresses and phone numbers pass through
    signal:
      allow: ['phone']            # only phone numbers pass through
With this configuration:
  • Email — email addresses and phone numbers are allowed; credit cards and SSNs are redacted
  • Signal — phone numbers are allowed; everything else is redacted
  • CLI — CEO bypass applies (CEO always sees full content)
  • Any other channel — all PII is redacted (the default: 'block' policy)

Design principles

Fail-closed — the redactor does not swallow errors. If redaction fails, the outbound gateway catches the error and decides whether to block delivery rather than sending unredacted content. No original values stored — the audit event records what type of PII was redacted and what it was replaced with, but intentionally does not store the original matched value. This prevents the audit log itself from becoming a PII repository. CEO identification by UUID — the CEO bypass uses a contact UUID resolved once at startup from CEO_PRIMARY_EMAIL, not a mutable database field. This is tamper-resistant — contact management code paths cannot accidentally grant CEO-level bypass to another contact.

Security overview

The broader security architecture and audit framework.

Configuration reference

Custom PII patterns and security rule configuration.