PII Detection
The PII detection guardrail scans every outbound email for personally identifiable information. If your AI agent accidentally includes a customer's Social Security number, credit card, or other sensitive data in an email, Sluice catches it before the email goes out.
| Default | Disabled |
| Risk levels | Green / Orange / Red (based on confidence thresholds) |
Important: This guardrail requires fine-tuning before use to prevent false positives. For example, your sender's own contact details (name, phone number, email address) will be flagged as PII unless you add those categories to the whitelist. We recommend configuring your whitelisted categories and testing with a few emails before enabling this rule in production.
What it detects
Sluice detects over 20 types of personally identifiable information:
- Financial — Credit card numbers, bank account numbers, IBAN codes, cryptocurrency wallet addresses
- Government IDs — Social Security numbers (US), driver's license numbers, passport numbers, tax file numbers, national IDs (US, UK, AU, SG, IN)
- Healthcare — Medical IDs, NHS numbers (UK), Medicare numbers (AU)
- Contact — Phone numbers, IP addresses
- Other — Australian Business Numbers (ABN/ACN), Indian PAN/Aadhaar numbers, Singapore NRIC/FIN
Each detected entity gets a confidence score between 0 and 1. The score reflects how likely the detected text is actual PII rather than a false positive.
Configuration
| Setting | Default | Description |
|---|---|---|
| Orange threshold | 0.5 | Confidence score that triggers an orange flag (review recommended) |
| Red threshold | 0.85 | Confidence score that triggers a red flag (likely real PII) |
| Whitelisted categories | None | PII types to ignore (see list below) |
Whitelisting PII types
Some PII types are expected in your emails. For example, if your AI agent sends customer support emails, it probably needs to include the customer's name and email address. You can whitelist specific PII categories so they don't trigger the guardrail.
Available categories for whitelisting:
PERSON, EMAIL_ADDRESS, PHONE_NUMBER, CREDIT_CARD, CRYPTO, IBAN_CODE, IP_ADDRESS, NRP, LOCATION, DATE_TIME, US_SSN, US_BANK_NUMBER, US_DRIVER_LICENSE, US_PASSPORT, UK_NHS, MEDICAL_LICENSE, URL, US_ITIN, AU_ABN, AU_ACN, AU_TFN, AU_MEDICARE, SG_NRIC_FIN, IN_PAN, IN_AADHAAR
Use cases
Customer support agent — Your AI agent replies to support tickets. Whitelist PERSON and EMAIL_ADDRESS (the agent needs to use customer names), but keep financial and government ID detection active to catch accidental data leaks.
Healthcare communication — Tighten the red threshold to 0.7 so even moderate-confidence PII detections are blocked. Healthcare data breaches carry severe regulatory penalties.
Financial services — Keep default thresholds but whitelist LOCATION and DATE_TIME if your emails regularly reference transaction dates and locations.
Example
An AI agent drafts a reply that accidentally includes: "Your account ending in 4532-7891-0023-4456 has been updated."
The PII detection guardrail flags this:
| Entity | Type | Confidence |
|---|---|---|
| 4532-7891-0023-4456 | CREDIT_CARD | 0.97 |
Result: Red (confidence 0.97 exceeds the red threshold of 0.85). The email is held for review, and the reviewer can see exactly what was flagged and remove the credit card number before approving.