Skip to content

feat(piipolicy): add policy-based automatic PII detection and dynamic…#3506

Open
Deeven-Seru wants to merge 1 commit into
googleapis:mainfrom
Deeven-Seru:feat/3373-pii-masking
Open

feat(piipolicy): add policy-based automatic PII detection and dynamic…#3506
Deeven-Seru wants to merge 1 commit into
googleapis:mainfrom
Deeven-Seru:feat/3373-pii-masking

Conversation

@Deeven-Seru

Copy link
Copy Markdown
Contributor

1. Description
This PR implements #3373 by adding a policy-based automatic PII detection and dynamic masking layer. It intercepts tool results and dynamically masks PII based on role-based policies defined in tools.yaml.

2. PR Checklist

  • Make sure to open an issue as a bug/issue before writing your code!
  • Ensure the tests and linter pass
  • Code coverage does not decrease (if any source code was changed)
  • Appropriate docs were updated (if necessary)
  • Make sure to add ! if this involves a breaking change

3. Issue Reference
Fixes #3373

@Deeven-Seru Deeven-Seru requested review from a team as code owners June 23, 2026 15:21

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a PII policy masking feature, allowing the server to mask or deny sensitive fields in tool execution results based on user claims. The changes include adding a new piipolicy package, updating configuration parsing and merging to support piiPolicies, and integrating policy application into the MCP tool execution handlers. The review feedback suggests several high-value improvements: converting strings to rune slices in applyActionToString to correctly handle multi-byte UTF-8 characters, recursively applying PII policies to nested maps and slices within applyToMap to prevent nested data from bypassing masking, validating and pre-compiling regex patterns during configuration parsing to fail fast, and adding corresponding test cases for nested structures.

Comment thread internal/piipolicy/engine.go
Comment thread internal/piipolicy/engine.go Outdated
Comment thread internal/server/config.go
Comment thread internal/piipolicy/engine_test.go
@Deeven-Seru

Copy link
Copy Markdown
Contributor Author

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a PII (Personally Identifiable Information) policy engine to the MCP Toolbox, allowing the masking or denying of sensitive fields in tool execution results based on user claims and configured rules. The changes include adding PII policy configurations, updating the resource manager, and applying the policy during tool invocation across various MCP protocol versions. The review feedback highlights several critical correctness and performance improvements for the new piipolicy engine. Specifically, it recommends caching compiled regular expressions to avoid expensive on-the-fly compilation, handling primitive types directly in the policy switch to prevent serialization overhead and type mutation, hoisting regex compilation and action checks out of loops, and correctly handling multi-byte UTF-8 characters during string masking to prevent invalid UTF-8 sequences and incorrect length calculations.

Comment thread internal/piipolicy/engine.go
Comment thread internal/piipolicy/engine.go
Comment thread internal/piipolicy/engine.go Outdated
Comment thread internal/piipolicy/engine.go
Comment thread internal/piipolicy/engine.go
… masking

Implements googleapis#3373 by adding a configurable middleware layer for PII detection and dynamic masking in query results. Features include:
- Tier-based identification tied to token claims to enforce masking actions (unmask, partial_mask, full_mask, deny_field).
- Rules-based taxonomy classifying PII using regex patterns for unstructured text and explicit column names for structured results.
- Fail-closed fallback to prevent accidental exposure of sensitive data.
@Deeven-Seru Deeven-Seru force-pushed the feat/3373-pii-masking branch from f09789f to d9069a5 Compare June 29, 2026 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

feat: Add policy-based automatic PII detection and dynamic masking

3 participants