By George Curta · Last updated 2026-06-14
Usalama wa Uandishi wa Vibe: Zuia Uvujaji wa PII katika Msimbo Uliozalishwa na AI
Cursor, Windsurf, na Claude Desktop zinazalisha msimbo wa uzalishaji kwa kasi — lakini bila vizuizi vya PII. Ficha data nyeti kabla ya kufikia IDE yako ya AI na uziondoe kiotomatiki kutoka kwa msimbo uliozalishwa.
Kwa Nini Uandishi wa Vibe Unaunda Hatari ya PII
Uandishi wa vibe unakuza maendeleo — lakini IDE za AI kama Cursor na Windsurf zinajumuisha muktadha wote wa msingi wako wa msimbo, ikiwa ni pamoja na data yoyote halisi inayotumiwa katika majaribio, fixture, au maelekezo. PII inaingia kimya kimya katika muktadha wa mfano, urekebishaji wa mafunzo, kumbukumbu, na matokeo yaliyozalishwa.
Hatari zilizorekodiwa katika maendeleo yanayosaidiwa na AI:
- CVE-2026-22708 (Cursor IDE): Data za kitambulisho na PII katika faili zilizo wazi zinatumwa kwa muktadha wa mfano bila kuchuja. CVSS 8.1.
- LangChain CVE-2026-22708: CVSS 9.3 — uingizaji wa maelekezo kupitia hati za RAG unaingiza PII katika matokeo yasiyokusudiwa ya mfano na kumbukumbu.
- MCP servers 8,000+ zilizofunuliwa: Uchunguzi wa hadharani wa MCP server unaonyesha maelfu yanayoshughulikia PII ghafi bila usafi, ukikiuka GDPR na HIPAA.
Njia Nne za Kulinda Mtiririko Wako wa Kazi wa Uandishi wa Vibe
Chagua ushirikiano unaofaa mrundikano wako — au uunganishe kwa ulinzi kamili wa PII.
MCP Server
Ficha maelekezo kwa uwazi katika Claude Desktop, Cursor, na IDE yoyote inayofaa na MCP. PII inabadilishwa kabla ya kufikia mfano; majibu yanafichuliwa kiotomatiki.
Jifunze zaidiREST API
Jumuisha ufichaji wa PII moja kwa moja katika mabomba yako ya CI/CD, vizalishi vya fixture za majaribio, au bots za ukaguzi wa msimbo kupitia simu moja ya API.
Jifunze zaidiChrome Extension
Linda IDE za AI za kivinjari na wasaidizi wa msimbo. Inafichua maandiko kabla ya kutumwa kutoka kwa kivinjari — hakuna usanidi unahitajika.
Jifunze zaidiProgramu ya Kompyuta
Shughulikia kwa kundi faili za msimbo, fixture za majaribio, na seti za data kwa ndani kabla ya kushiriki na zana za AI. Inafanya kazi bila mtandao bila data yoyote kuondoka kwenye kompyuta yako.
Jifunze zaidiIliyoundwa kwa Mifumo ya Kazi ya Wasanidi
Ushirikiano wa IDE wa Asili
MCP Server inaunganika moja kwa moja na Cursor, Windsurf, Claude Desktop, na VS Code. Hakuna kati, hakuna proxies — ufichaji tu wa PII wenye uwazi katika mtiririko wako wa kazi uliopo.
Aina 285+ za Vitu
Gundua majina, barua pepe, funguo za API, vitambulisho, SSN, IBAN, na aina 285+ nyingine za PII katika lugha 48 — ikiwa ni pamoja na siri zilizojengwa ndani ya msimbo na data za majaribio zilizowekwa kwa nguvu.
Ufichaji Unaoweza Kurejeshwa
Badilisha PII na vibadala thabiti (mfano [PERSON_1], [EMAIL_1]) ili msimbo uliozalishwa na AI ubaki na kazi. Fichua matokeo kwa hatua moja ili kurejesha thamani halisi.
Muundo wa Maarifa ya Sifuri
Funguo zako za usimbuaji haziacha kifaa chako kamwe. anonym.legal haiwezi kusoma data zako za asili. Uzalishaji wa funguo unaosaidiwa na CSPRNG na usimbuaji wa AES-256-GCM.
Inakidhi GDPR na HIPAA
Makazi ya data ya EU. Ufichaji unakidhi ufafanuzi wa Kifungu 4(1) cha GDPR. Ripoti zilizo tayari kwa ukaguzi kwa maswali ya DPA na nyaraka za uzingatiaji wa HIPAA.
Kumbukumbu za Ukaguzi
Kila tukio la ufichaji linarekodiwa — aina za vitu vilivyogunduliwa, alama za wakati, na vitambulisho vya kipindi — kwa ukaguzi wa uzingatiaji na majibu ya matukio.
Sanidi katika Chini ya Dakika 5
Fungua akaunti ya bure
Jisajili kwenye anonym.legal — kiwango cha bure kinajumuisha tokeni 200/mwezi, aina zote 285+ za vitu, na ufikiaji kamili wa MCP Server kwenye mpango wa Pro.
Ongeza MCP Server kwenye IDE yako
Ongeza usanidi wa anonym-legal MCP Server kwenye claude_desktop_config.json yako au mipangilio ya Cursor. Kizuizi kimoja cha JSON — hakuna usakinishaji wa binary.
Ficha kabla ya kila maelekezo ya AI
MCP Server inazuia maelekezo yanayojumuisha PII na inabadilisha vitu na vibadala thabiti kabla ya mfano kuona. Ina uwazi kamili.
Fichua matokeo ya AI
Bandika msimbo uliozalishwa na AI kwenye endpoint ya ufichuaji (au Chrome Extension) ili kurejesha thamani za asili. Data zako halisi hazikugusa mfano kamwe.
Rasilimali Zinazohusiana
Tumia Claude na ChatGPT Bila Kuvuja PII
Mwongozo wa hatua kwa hatua wa kusanidi MCP Server kwa Claude Desktop, Cursor, na VS Code — na mifano ya usanidi na hatua za uthibitishaji.
Cursor na Claude: Kulinda Vitambulisho vya Wasanidi
Jinsi ya kuzuia uvujaji wa vitambulisho na PII wakati wa kutumia Cursor IDE na Claude — ikijumuisha ufunuo wa CVE na hatua za kupunguza.
Kwa Nini Biashara Zinakataza Zana za Uandishi za AI (Na Jinsi MCP Inavyotatua)
Hoja ya usalama kwa ufichaji wa PII unaotegemea MCP kama mbadala wa biashara badala ya marufuku jumla ya zana za AI.
Andika Haraka. Usivuje Chochote.
Anza kulinda mtiririko wako wa uandishi wa AI leo — kiwango cha bure, hakuna kadi ya mkopo inahitajika. MCP Server, REST API, Chrome Extension, na Programu ya Kompyuta zimejumuishwa.
About this page
We update this page when our platform or the law changes.
Read our founder note for how we work.
Each change shows up in the timestamp at the top.
Related reading
- Common questions
- Glossary
- How tokens work
- Security posture
- Where we comply
- What we detect
- Case studies
- Release notes
We follow these rules
- GDPR (EU 2016/679).
- ISO/IEC 27001:2022.
- NIS2 (EU 2022/2555).
- HIPAA safe harbor under 45 CFR § 164.514(b)(2).
Our promise
We do not sell your data.
We do not train models on your text.
We store your files in Germany.
You can delete your account at any time.
You own your work.
Where we run
Our servers live in Falkenstein, Germany.
We use Hetzner. They hold ISO 27001 certification.
All data stays in the EU.
Backups run every day.
Need help?
Email support@anonym.legal.
We reply within one business day.
How we test
We run a full check suite on every release.
Each surface gets its own sweep script and report.
Human reviewers spot-check the output each week.
We track recall and precision on a labelled set.
Bad runs block the deploy.
What we never do
- We never sell your information to third parties.
- We never train models on what you upload.
- We never keep your work after you delete it.
- We never share keys with any outside firm.
- We never run ads inside the product.
Plans in plain words
We sell credits, not seats.
One credit covers one short job.
Long jobs use a few credits each.
You can top up at any time.
Unused credits roll over each month.
Read the plans page for current rates.
Who built this
A small team of engineers and lawyers built this.
We ship from Europe and work in the open.
Our founder note spells out why we started.
Where to start
- Open the web app and try a sample file.
- Learn how credits get counted.
- See current plans and limits.
- Meet the team behind the product.
How the parts fit
A browser add-on cleans text inside Chrome.
A Word plug-in handles drafts in Office.
A small desktop tool works on whole folders.
An agent protocol link feeds large models safely.
All four share one core engine and one rule set.
Words from our team
We started this work after a lunch about cookies.
One friend kept getting odd ads on her phone.
We asked why a court file leaked through a draft.
We sketched the first build on a napkin that week.
By month three we had a tiny demo for a friend.
She used it on her first case the next day.
Common questions we hear
Can the tool read scanned PDFs? Yes, with OCR.
Does it work on long files? Yes, in small chunks.
Can I roll my own rule set? Yes, save it as a preset.
Does it run offline? The desktop build runs offline.
Do you keep my files? No, the cloud build wipes after each run.
Will it learn from my work? No, we never train on inputs.
A short tour of the workflow
Upload a file or paste a snippet of prose.
Pick the entities you want gone from the draft.
Choose a method: replace, mask, hash, encrypt, or redact.
Press run and watch the side panel show each hit.
Skim the result and tweak any rule that misfired.
Save the cleaned file or send it to a teammate.