feat(piipolicy): add policy-based automatic PII detection and dynamic… #3506
Deeven-Seru wants to merge 1 commit into
Code Review
This pull request introduces a PII policy masking feature, allowing the server to mask or deny sensitive fields in tool execution results based on user claims. The changes include adding a new piipolicy package, updating configuration parsing and merging to support piiPolicies, and integrating policy application into the MCP tool execution handlers. The review feedback suggests several high-value improvements: converting strings to rune slices in applyActionToString to correctly handle multi-byte UTF-8 characters, recursively applying PII policies to nested maps and slices within applyToMap to prevent nested data from bypassing masking, validating and pre-compiling regex patterns during configuration parsing to fail fast, and adding corresponding test cases for nested structures.
/gemini review
Code Review
This pull request introduces a PII (Personally Identifiable Information) policy engine to the MCP Toolbox, allowing the masking or denying of sensitive fields in tool execution results based on user claims and configured rules. The changes include adding PII policy configurations, updating the resource manager, and applying the policy during tool invocation across various MCP protocol versions. The review feedback highlights several critical correctness and performance improvements for the new piipolicy engine. Specifically, it recommends caching compiled regular expressions to avoid expensive on-the-fly compilation, handling primitive types directly in the policy switch to prevent serialization overhead and type mutation, hoisting regex compilation and action checks out of loops, and correctly handling multi-byte UTF-8 characters during string masking to prevent invalid UTF-8 sequences and incorrect length calculations.
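The rune-safe masking and nested-structure points raised in the two reviews above, as an added Go example (not code from this PR or the project). The `sensitive` set, the keep-last-two-characters rule for `partial_mask`, and both function signatures are assumptions; the action names are the ones listed in the PR's commit message.

```go
package main

import "fmt"

// maskString masks by rune so multi-byte characters are never split; any action
// other than partial_mask masks every rune (unmask is handled in applyPolicy).
func maskString(s, action string) string {
	r, keep := []rune(s), 0
	if action == "partial_mask" && len(r) > 4 {
		keep = 2 // assumed rule: leave the last two characters visible
	}
	for i := range r[:len(r)-keep] {
		r[i] = '*'
	}
	return string(r)
}

// applyPolicy recurses into maps and slices so nested values are covered.
// sensitive is an assumed set of field names classified as PII.
func applyPolicy(v any, sensitive map[string]bool, action string) any {
	switch t := v.(type) {
	case map[string]any:
		out := make(map[string]any, len(t))
		for k, val := range t {
			s, isStr := val.(string)
			switch {
			case !sensitive[k] || action == "unmask":
				out[k] = applyPolicy(val, sensitive, action)
			case action == "deny_field": // field is dropped from the result
			case isStr:
				out[k] = maskString(s, action) // unknown actions mask fully
			default: // non-string PII: stringify, then mask every rune
				out[k] = maskString(fmt.Sprint(val), "full_mask")
			}
		}
		return out
	case []any:
		out := make([]any, len(t))
		for i, val := range t {
			out[i] = applyPolicy(val, sensitive, action)
		}
		return out
	}
	return v
}

func main() { // constructed sample row, not data from the PR
	row := map[string]any{"name": "Zoë Müller", "orders": []any{map[string]any{"email": "a@b.io"}}}
	fmt.Println(applyPolicy(row, map[string]bool{"name": true, "email": true}, "partial_mask"))
}
```

Masking on the `[]rune` form keeps the output valid UTF-8 and makes the length check count characters rather than bytes, so "Müll" (four characters, five bytes) is fully masked instead of partially revealed.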
aee75a1 to f09789f
… masking

Implements googleapis#3373 by adding a configurable middleware layer for PII detection and dynamic masking in query results. Features include:
- Tier-based identification tied to token claims to enforce masking actions (unmask, partial_mask, full_mask, deny_field).
- Rules-based taxonomy classifying PII using regex patterns for unstructured text and explicit column names for structured results.
- Fail-closed fallback to prevent accidental exposure of sensitive data.
f09789f to d9069a5
1. Description
This PR implements #3373 by adding a policy-based automatic PII detection and dynamic masking layer. It intercepts tool results and dynamically masks PII based on role-based policies defined in tools.yaml.
2. PR Checklist
!if this involves a breaking change
3. Issue Reference
Fixes #3373