A self-hosted proxy that masks client PII and proprietary code out of every prompt before it reaches an external LLM — and rehydrates the response afterward — so "Shadow AI" stops being an all-or-nothing bet.
The external model never gets a vote on whether something is sensitive — detection happens before it's ever in the request.