Skip to main content
Sensitive-data monitoring helps you understand when agents touch private or risky information. It can flag secrets, personal information, sensitive data columns, credential files, database access, and outbound flows. Enable it per agent from agent → SettingsGeneralSensitive data monitoring.

Detection modes

ModeWhat it doesUse when
OffNo scanning and no overheadThe agent never handles private data or external sends
DeterministicFast pattern rules for PII, secrets, credentials, database access, and outbound flowsDefault for most agents
SmartDeterministic rules plus a lightweight LLM pass per turnYou need to catch obfuscated or domain-specific sensitive data
Smart mode can reduce false positives and catch values the rules miss, such as a phone number written in words. Smart-only findings are marked caught by LLM in traces. They are report-only and add some latency and cost.

What gets flagged

SlackHive uses broad categories so the audit trail stays readable:
CategoryExamples
SecretOpenAI keys, Anthropic keys, GitHub tokens, Slack tokens, Stripe keys, JWTs, private keys, connection strings, passwords
Personal infoEmail addresses, phone numbers, card numbers, SSNs, IBANs
Sensitive dataData columns or fields such as salary, payment, passport, address, date of birth, bank account, or custom keywords
Sensitive actionDatabase access, credential-file access, or tools that move data out of SlackHive
Tool input and output are scanned. Agent replies are scanned for values such as PII and secrets.

Custom guidance

In Smart mode, add agent-specific rules under What’s sensitive for this agent. Use one rule per line, for example:
Internal project codenames: Project Atlas, Bluebird
Unreleased pricing or revenue figures
Patient IDs and support case identifiers
This tells the LLM detector what matters for that agent beyond the built-in categories.

Redaction

Turn on Redact secrets in replies when the agent posts into shared channels or reads from sensitive systems. The toggle name is intentionally conservative, but the level you choose controls how much gets masked. Choose a redaction level:
LevelWhat gets masked in the outbound reply
Secrets onlyAPI keys, tokens, passwords, private keys, card numbers, SSNs, and other high-risk values
Secrets + PIISecrets plus emails, phone numbers, and other detected personal information
Everything flaggedEvery detected match, including sensitive data keywords and credential paths
Outbound redaction happens before the message reaches Slack. The private trace still records the event for audit, and non-admin viewers see sensitive values masked in trace views.

Auditing events

Open Observability → Sensitive to review flagged sessions. The Sensitive tab shows:
  • Recent sensitive events
  • Which agent and session touched the data
  • Category and severity
  • Whether the event was caught by deterministic rules or Smart mode
  • Sensitive data flows, such as data found in an outbound sink
Click an event to open the trace at the exact span. Admins can reveal raw values when needed; other roles see redacted content.

Operational defaults

Recommended starting point:
Agent typeDetectionRedaction
Data analyst, finance, support, HRDeterministic or SmartSecrets only, or Secrets + PII for shared channels
Engineering/code agentsDeterministicSecrets only
Public research or writing agentsDeterministicOff unless they handle user data
High-risk regulated workflowsSmartSecrets + PII or Everything flagged

Advanced keyword tuning

Admins can extend deterministic matching from .env:
VariablePurpose
SENSITIVE_DATA_KEYWORDSExtra comma-separated data-field keywords to flag in tool arguments
SENSITIVE_TOOLSExtra comma-separated tool-name fragments to treat as sensitive tools
Restart SlackHive after changing .env.

Observability

Review sensitive events, sessions, tools, tokens, and traces.

Agent Evals

Catch prompt, skill, tool, and behavior regressions before they hit Slack.