LocalMask
See it in action

AI should read your code,
not your secrets.

LocalMask masks secrets, PII, and org data into safe tokens on your machine. Your AI tools read the tokens. The real values stay home.

0:00 / 0:00
Click to unmute 🔇
Download the free CLI Register for early access

Open source, runs offline. localmask scan finds the secrets; localmask publish pushes a masked git mirror your AI tools can read — GitHub, GitLab, Bitbucket, or self-hosted. How the masked mirror works ↓

Local-first privacy for AI coding

This is what the AI
actually sees.

Scan the repo, mask credentials and PII into reversible tokens, and send only tokens to Claude, GPT, or Gemini. Answers come back and rehydrate on your machine. Try the sensitivity levels on the real .env file →

No spam — one note when the private beta opens.

You're on the list. We'll reach out when the beta opens.
Sensitivity level
payments-service / .env scanning… 8 secrets masked · safe to send
# payments-service/.env — sent to ClaudeDATABASE_URL=postgres://payments_rw~[DB_USER_0]~:pV9$kQ2!zR~[PASSWORD_0]~@db-prod-01.acme.internal~[HOST_0]~:5432~[PORT_0]~/payments~[DB_NAME_0]~STRIPE_SECRET_KEY=sk_live_51MspeZv8Klo2CqR7xY~[API_KEY_0]~JWT_SIGNING_KEY=hs256-9f3a7c1e8b2d4061~[API_KEY_1]~AWS_ACCESS_KEY_ID=AKIA5J7QX9P2M4RTUVWX~[AWS_KEY_0]~ONCALL_EMAIL=dana.cohen@acme-bank.com~[EMAIL_0]~INTERNAL_API=https://vault.acme.internal~[HOST_1]~/v2
real secret becomes → token the AI sees
What you get

Mask in your editor, or hand the AI a masked mirror.

Masked repo mirror

  • Scan a repo, publish a private masked copy the AI reads
  • Every secret becomes a stable ~[TOKEN]~
  • Git sync keeps the mirror current

AI proxy · prompt firewall Pro

  • Point any AI tool at LocalMask; prompts are scrubbed live
  • Bring your own AI + key — OpenAI, Claude, Azure, self-host
  • Audit log proves no secret reached the provider

Local, learning, yours

  • Persistent encrypted vault — stable tokens across restarts
  • Editable detection rules, no code
  • Local AI model that learns (Pro)
  • Team-shared vault, LDAP/AD, SSO (Enterprise)

Free & open source on GitHub ↗ — run it entirely offline with the CLI + MCP server.

Pricing

Free forever. Pro and Enterprise are annual, per seat.

Free · OSS

$0
open source
  • Regex + entropy engine
  • Masked-repo mirror the AI reads
  • CLI + MCP server
  • Edit detections
Get the CLI

Pro

$149
per seat / year
  • Everything in Free
  • Local AI model + learning
  • Web dashboard
  • AI proxy (prompt firewall)
Buy Pro

Team

$199
per seat / year · 5+ seats
  • Everything in Pro
  • Shared org rules
  • Priority support
Buy Team

Enterprise

Custom
let's talk
  • Everything in Team
  • Central proxy fleet
  • LDAP/AD + SSO
  • Audit + support
Contact sales

Annual licenses, validated offline (no monthly re-activation, no phone-home). Keys are per seat.

Free CLI · open source

Install and mask a repo in two commands.

Download the free CLI (.tar.gz)
tar -xzf localmask-free-0.9.0.tar.gz && pip install ./localmask-free-0.9.0
localmask scan ./your-repo

Then localmask publish <scan> <masked-repo-url> creates a private masked git mirror your AI tools can safely read. Once we're on PyPI you'll also be able to pip install localmask.

Works with GitHub, GitLab, Bitbucket, self-hosted git & Google Secure Source Manager. Tokens are handled via GIT_ASKPASS — never in a URL, process args, or .git/config — and only masked content is ever pushed. In free you use your own AI (paste the masked files or point it at the mirror); Pro adds built-in Ask-AI + the proxy. Full guide & security on GitHub →

Palantir CEO on CNBC · July 2026

Are you keeping the data?
LocalMask makes the question irrelevant.

Alex Karp told CNBC that enterprises fear one thing about AI vendors: they pay for tokens and hand over their IP. He's right about the worry. Here's the architecture that removes it.

The worry — watch the clip

Karp says something has gone completely wrong with how AI is sold: enterprises send their data and their alpha to model vendors and can't answer the most basic governance question — who ends up holding it?

Clip: CNBC Squawk Box, July 1 2026 (official CNBC YouTube channel)

The answer — mask before it ever leaves

sk-live-4f9d… ‹API_KEY_01› // the real value never leaves your machine
  • Secrets and PII are detected and masked locally, before any prompt reaches Claude, GPT, or any model.
  • Only metadata travels — file path, line number, pattern type. Never the value.
  • The token map stays on your disk, encrypted, git-ignored. No phone-home. Ever.
  • Keep using frontier AI. Stop shipping your IP with every prompt.
See how the pre-gate works

LocalMask Pro is not affiliated with, or endorsed by, Palantir, Alex Karp, or CNBC. The clip is embedded from CNBC's official YouTube channel and quoted for commentary.

Private beta

Lock it down before you ship it to AI.

Runs on your laptop; the token vault never leaves it. We're opening a small private beta — leave your email and we'll write once, when it's ready.

No spam — one note when the beta opens.

You're on the list. We'll reach out when the beta opens.