Your AI sees aliases.
Your secrets stay yours.

Maskit is an MCP proxy that intercepts tool responses to mask sensitive data—replacing real credentials, hostnames, and PII with safe aliases before they reach AI agents.

❌ Without Maskit
{
  "host": "prod-db.internal.net",
  "api_key": "sk_live_abc123...",
  "user": "john.smith@acme.com"
}
✓ With Maskit
{
  "host": "host_1",
  "api_key": "key_1",
  "user": "user_42"
}

Why It Matters

💻 MCP Tools Exposing Secrets

MCP servers return database credentials, API keys, and internal hostnames in tool responses. Maskit intercepts these responses and replaces sensitive values with aliases before they reach the AI.

🔒 Enterprise PII Protection

MCP database tools return real customer data: names, emails, account numbers. Maskit masks PII in tool responses so agents reason about customer_42 instead of John Smith.

⚖️ Compliance Made Enforceable

GDPR, SOC 2, and HIPAA all require control over where sensitive data flows, including third-party AI services. Maskit is the enforcement layer that sits in the data path.

☸️ Production Tool Access, Zero Trust

MCP servers with kubectl or cloud CLI access return secrets, tokens, and internal IPs in responses. Maskit masks these values and uses guardrails to block dangerous tool calls.

🛡️ Context Window Paranoia

Every MCP tool response goes to external AI servers. Maskit intercepts these responses and filters what the AI actually sees: real secrets stay local, only aliases are sent.

How It Works

1. AI Agent: requests tool execution
2. Maskit Proxy: forwards the request
3. MCP Server: returns real data
4. Maskit Proxy: masks sensitive fields
5. AI Agent: sees only aliases

When the agent uses those aliases in future calls, Maskit transparently unmasks them back to real values before forwarding to the MCP server.
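The round trip described above, as an added example that is not Maskit's own code: a small alias store masks the sensitive fields of a tool response, hands the agent only aliases, and swaps the aliases back to real values when they reappear in the agent's next tool call. The rule format (field name to alias prefix), the field names, and the sample payloads are constructed for illustration; Maskit's real configuration is not documented on this page.

```python
"""Added example: alias-based masking of tool responses and transparent
unmasking of later tool-call arguments. Not Maskit's own code."""
import re
from typing import Any

# Constructed masking rules: sensitive response field -> alias prefix.
RULES = {
    "host": "host",
    "api_key": "key",
    "user": "user",
    "password": "secret",
}


class AliasStore:
    """Bidirectional map between real values and stable aliases.

    The same real value always yields the same alias, so the agent can
    correlate results across calls without ever seeing the real value.
    The map lives on the proxy side only; nothing in it is sent to the AI.
    """

    def __init__(self) -> None:
        self._real_to_alias: dict[str, str] = {}
        self._alias_to_real: dict[str, str] = {}
        self._counters: dict[str, int] = {}

    def alias_for(self, prefix: str, real: str) -> str:
        if real in self._real_to_alias:
            return self._real_to_alias[real]
        self._counters[prefix] = self._counters.get(prefix, 0) + 1
        alias = f"{prefix}_{self._counters[prefix]}"
        self._real_to_alias[real] = alias
        self._alias_to_real[alias] = real
        return alias

    def unmask_text(self, text: str) -> str:
        """Replace every known alias inside free text with its real value.

        Longest aliases are substituted first so host_12 is never clobbered
        by a partial match on host_1.
        """
        for alias in sorted(self._alias_to_real, key=len, reverse=True):
            text = re.sub(rf"\b{re.escape(alias)}\b", self._alias_to_real[alias], text)
        return text


def mask_response(payload: Any, store: AliasStore, rules: dict[str, str] = RULES) -> Any:
    """Walk a JSON-like tool response and alias every field named in rules."""
    if isinstance(payload, dict):
        return {
            k: (store.alias_for(rules[k], v) if k in rules and isinstance(v, str)
                else mask_response(v, store, rules))
            for k, v in payload.items()
        }
    if isinstance(payload, list):
        return [mask_response(item, store, rules) for item in payload]
    return payload


def unmask_request(args: Any, store: AliasStore) -> Any:
    """Walk a tool-call argument tree and swap aliases back to real values."""
    if isinstance(args, dict):
        return {k: unmask_request(v, store) for k, v in args.items()}
    if isinstance(args, list):
        return [unmask_request(item, store) for item in args]
    if isinstance(args, str):
        return store.unmask_text(args)
    return args


def round_trip_demo() -> tuple[dict, dict]:
    """Constructed round trip: server response -> agent view -> next tool call."""
    store = AliasStore()
    # Constructed MCP server response (what the tool actually returned).
    server_response = {
        "host": "prod-db.internal.net",
        "api_key": "sk_live_abc123",
        "user": "john.smith@acme.com",
        "rows": [{"user": "john.smith@acme.com"}, {"user": "jane.doe@acme.com"}],
    }
    agent_view = mask_response(server_response, store)
    # The agent builds its next call using only the aliases it was shown.
    agent_call = {"query": "SELECT * FROM logins WHERE email = 'user_1'", "host": "host_1"}
    forwarded = unmask_request(agent_call, store)
    return agent_view, forwarded


if __name__ == "__main__":
    masked, forwarded = round_trip_demo()
    print("agent sees:", masked)
    print("server receives:", forwarded)
```

Note the design point: the alias counter is keyed per prefix and the real-to-alias map is consulted before minting, so the repeated email in the nested rows collapses to one alias and the agent can still reason about "the same user" across results.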

Key Features

🎭 Field Masking

Alias sensitive values automatically based on configurable rules. Real data never reaches the AI.

🔄 Transparent Unmasking

The agent uses aliases naturally; Maskit swaps in real values before forwarding, with zero friction.

🚧 Guardrails

Block tool calls that match dangerous patterns (regex, contains, equals). Prevent rm -rf disasters.

💉 Argument Injection

Silently inject required values (auth tokens, org IDs) that the agent shouldn't see or handle.

✂️ Field Stripping

Remove entire fields from responses. The agent never even knows they exist.

📊 Live Traffic Dashboard

See every tool call, what was masked, and what was blocked, in real time.

🔌 Works With Any MCP Server

stdio or HTTP transport. Zero changes to existing servers. Drop-in security.
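The guardrail, argument-injection and field-stripping features above, as an added example that is not Maskit's own code: a small policy layer that blocks tool calls by regex, contains or equals match on an argument, adds operator-pinned arguments the agent never sees, and drops named fields from responses before the agent reads them. The policy shape, tool names, rules and payloads are all constructed; Maskit's real configuration format is not documented on this page.

```python
"""Added example: request-side guardrails and argument injection plus
response-side field stripping for an MCP proxy. Not Maskit's own code."""
import re
from dataclasses import dataclass, field
from typing import Any


@dataclass
class Guardrail:
    tool: str      # tool name the rule applies to, or "*" for any tool
    arg: str       # argument to inspect
    mode: str      # "regex" | "contains" | "equals"
    pattern: str
    reason: str

    def matches(self, tool: str, args: dict[str, Any]) -> bool:
        if self.tool not in ("*", tool) or self.arg not in args:
            return False
        value = str(args[self.arg])
        if self.mode == "regex":
            return re.search(self.pattern, value) is not None
        if self.mode == "contains":
            return self.pattern in value
        if self.mode == "equals":
            return value == self.pattern
        raise ValueError(f"unknown match mode: {self.mode}")


@dataclass
class Policy:
    guardrails: list[Guardrail] = field(default_factory=list)
    # tool name -> arguments added by the proxy, never shown to the agent
    injections: dict[str, dict[str, Any]] = field(default_factory=dict)
    # response fields removed before the agent sees them
    strip_fields: set[str] = field(default_factory=set)


def evaluate_call(policy: Policy, tool: str, args: dict[str, Any]) -> dict[str, Any]:
    """Check guardrails first; if none fire, return the arguments to forward.

    Injected values overwrite anything the agent supplied under the same key,
    so the agent cannot substitute its own org ID or token.
    """
    for rule in policy.guardrails:
        if rule.matches(tool, args):
            return {"allowed": False, "reason": rule.reason, "args": None}
    forwarded = dict(args)
    forwarded.update(policy.injections.get(tool, {}))
    return {"allowed": True, "reason": None, "args": forwarded}


def apply_response_policy(policy: Policy, payload: Any) -> Any:
    """Recursively drop stripped fields from a JSON-like tool response."""
    if isinstance(payload, dict):
        return {k: apply_response_policy(policy, v)
                for k, v in payload.items() if k not in policy.strip_fields}
    if isinstance(payload, list):
        return [apply_response_policy(policy, v) for v in payload]
    return payload


# Constructed policy for the demo; the rules and values are illustrative only.
DEMO_POLICY = Policy(
    guardrails=[
        Guardrail("shell", "command", "regex", r"\brm\s+-\w*r", "recursive delete blocked"),
        Guardrail("kubectl", "args", "contains", "--all-namespaces", "cluster-wide operations blocked"),
        Guardrail("*", "env", "equals", "production", "production environment blocked"),
    ],
    injections={"crm_lookup": {"org_id": "org-12345", "auth_token": "TOKEN_PLACEHOLDER"}},
    strip_fields={"internal_ip", "ssn"},
)


def demo() -> list[dict[str, Any]]:
    """Run constructed calls through the policy and collect the outcomes."""
    calls = [
        ("shell", {"command": "rm -rf /var/lib/app"}),
        ("shell", {"command": "ls -la /var/lib/app"}),
        ("kubectl", {"args": "get pods --all-namespaces"}),
        ("deploy", {"env": "production"}),
        ("crm_lookup", {"customer": "customer_42", "org_id": "org-attacker"}),
    ]
    return [dict(tool=tool, **evaluate_call(DEMO_POLICY, tool, args)) for tool, args in calls]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
    # Constructed server response carrying fields the agent should never see.
    response = {"name": "customer_42", "internal_ip": "10.0.0.5", "ssn": "000-00-0000", "orders": 3}
    print(apply_response_policy(DEMO_POLICY, response))
```

The ordering matters: guardrails run before injection so a blocked call never has the pinned token attached, and stripping runs on the raw server response so a removed field is absent from the agent's context rather than merely aliased.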

Getting Started

# Coming soon
pip install maskit
maskit init

Maskit is in active development. Star the repo to get notified when it's published.