LocalMask
See it in action

AI should read your code,
not your secrets.

LocalMask masks secrets, PII, and org data into safe tokens on your machine. Your AI tools read the tokens. The real values stay home.

0:00 / 0:00
Click to unmute 🔇
Download the free CLI Register for early access

Open source, runs offline. localmask scan finds the secrets; localmask publish pushes a masked git mirror your AI tools can read — GitHub, GitLab, Bitbucket, or self-hosted. How the masked mirror works ↓

Local-first privacy for AI coding

This is what the AI
actually sees.

Scan the repo, mask credentials and PII into reversible tokens, and send only tokens to Claude, GPT, or Gemini. Answers come back and rehydrate on your machine. Try the sensitivity levels on the real .env file →

No spam — one note when the private beta opens.

You're on the list. We'll reach out when the beta opens.
Sensitivity level
payments-service / .env scanning… 8 secrets masked · safe to send
# payments-service/.env — sent to ClaudeDATABASE_URL=postgres://payments_rw~[DB_USER_0]~:pV9$kQ2!zR~[PASSWORD_0]~@db-prod-01.acme.internal~[HOST_0]~:5432~[PORT_0]~/payments~[DB_NAME_0]~STRIPE_SECRET_KEY=sk_live_51MspeZv8Klo2CqR7xY~[API_KEY_0]~JWT_SIGNING_KEY=hs256-9f3a7c1e8b2d4061~[API_KEY_1]~AWS_ACCESS_KEY_ID=AKIA5J7QX9P2M4RTUVWX~[AWS_KEY_0]~ONCALL_EMAIL=[email protected]~[EMAIL_0]~INTERNAL_API=https://vault.acme.internal~[HOST_1]~/v2
real secret becomes → token the AI sees
What you get

Mask in your editor, or hand the AI a masked mirror.

LocalMask doesn't decide what may reach the AI — it helps make what reaches the AI safe to send. And with your reviews and teaching, it keeps getting better.

Masked repo mirror

  • Scan a repo, publish a private masked copy the AI reads
  • Every secret becomes a stable ~[TOKEN]~
  • Finance Mode: AI computes on ratios, never your figures
  • Git sync keeps the mirror current

AI proxy · masking before your AI Pro

  • Point any AI tool at LocalMask — prompts are masked on your machine, then forwarded
  • Chains to your company's existing AI gateway: compliance sees clean prompts and stops blocking developers
  • Bring your own AI + key — OpenAI, Claude, Azure, self-host

Local, learning, yours

  • Persistent encrypted vault — stable tokens across restarts
  • Editable detection rules, no code
  • 8 language packs — CNP, ת״ז, DNI, passports (checksum-validated)
  • Local AI model that learns (Pro)
  • Team-shared vault, LDAP/AD, SSO (Enterprise)

Free & open source on GitHub ↗ — run it entirely offline with the CLI + MCP server.

New · Finance Mode

AI analysis for your finances —
without showing it a single number.

1. LocalMask replaces every amount with a ratio to R — a random number only your machine knows. $42,000 becomes 1.15×R.
2. Your AI reads the ratios and does the analysis — it never sees amounts, currency, or scale.
3. Answers come back translated to real numbers, locally.
on your disk
salary Dana: $42,000
salary John: $35,000
what the AI sees
salary Dana: 1.15×R
salary John: 0.96×R
you ask
"Is Dana paid fairly compared to John?"
the AI answers — correctly
"Dana earns about 20% more than John."

Relative mode is free & open source. Choosing the opacity level and locking it org-wide are Pro / Team — see pricing.

LOCALMASK_MONEY_MODE=relative localmask scan .

Also new: 8 language packs — Romanian (CNP) · Hebrew (ת״ז) · Russian · Arabic · Spanish (DNI) · French · German · Italian. National IDs are checksum-validated.

Pricing

Free forever. Pro and Enterprise are annual, per seat.

Free · OSS

$0
open source
  • Regex + entropy engine
  • Finance Mode: AI computes on ratios
  • 8 language packs
  • Masked-repo mirror the AI reads
  • CLI + MCP server
  • Edit detections
Get the CLI

Pro

$149
per seat / year
  • Everything in Free
  • Local AI model + learning
  • Web dashboard
  • AI proxy — masking before your AI / gateway
  • Finance Mode: you choose what the AI sees
Buy Pro

Team

$199
per seat / year · 5+ seats
  • Everything in Pro
  • Shared org rules
  • Lock security settings org-wide
  • Priority support
Buy Team

Enterprise

Custom
let's talk
  • Everything in Team
  • Central proxy fleet
  • LDAP/AD + SSO
  • Audit + support
Contact sales

Annual licenses, validated offline (no monthly re-activation, no phone-home). Keys are per seat.

Free CLI · open source

Install and mask a repo in two commands.

with pipx — recommended, works anywhere
pipx install localmask
or with pip — inside a virtualenv
python3 -m venv .venv && .venv/bin/pip install localmask
then scan any repo
localmask scan ./your-repo

It's on PyPI as localmask. On a Mac you can also brew install sgury/localmask/localmask, or grab the tarball.

Then localmask publish <scan> <masked-repo-url> creates a private masked git mirror your AI tools can safely read.

Works with GitHub, GitLab, Bitbucket, self-hosted git & Google Secure Source Manager. Tokens are handled via GIT_ASKPASS — never in a URL, process args, or .git/config — and only masked content is ever pushed. In free you use your own AI (paste the masked files or point it at the mirror); Pro adds built-in Ask-AI + the proxy. Full guide & security on GitHub →

Palantir CEO on CNBC · July 2026

Are you keeping the data?
LocalMask makes the question irrelevant.

Alex Karp told CNBC that enterprises fear one thing about AI vendors: they pay for tokens and hand over their IP. He's right about the worry. Here's the architecture that removes it.

The worry — watch the clip

Karp says something has gone completely wrong with how AI is sold: enterprises send their data and their alpha to model vendors and can't answer the most basic governance question — who ends up holding it?

Clip: CNBC Squawk Box, July 1 2026 (official CNBC YouTube channel)

The answer — mask before it ever leaves

sk-live-4f9d… ‹API_KEY_01› // the real value never leaves your machine
  • Secrets and PII are detected and masked locally, before any prompt reaches Claude, GPT, or any model.
  • Only metadata travels — file path, line number, pattern type. Never the value.
  • The token map stays on your disk, encrypted, git-ignored. No phone-home. Ever.
  • Keep using frontier AI. Stop shipping your IP with every prompt.
See how the pre-gate works

LocalMask Pro is not affiliated with, or endorsed by, Palantir, Alex Karp, or CNBC. The clip is embedded from CNBC's official YouTube channel and quoted for commentary.

Private beta

Lock it down before you ship it to AI.

Runs on your laptop; the token vault never leaves it. We're opening a small private beta — leave your email and we'll write once, when it's ready.

No spam — one note when the beta opens.

You're on the list. We'll reach out when the beta opens.