PII Redaction for Traces ↗

Documentation Index#

Fetch the complete documentation index at: https://docs.crewai.com/llms.txt Use this file to discover all available pages before exploring further.

Automatically redact sensitive data from crew and flow execution traces

Overview#

PII Redaction is a CrewAI AMP feature that automatically detects and masks Personally Identifiable Information (PII) in your crew and flow execution traces. This ensures sensitive data like credit card numbers, social security numbers, email addresses, and names are not exposed in your CrewAI AMP traces. You can also create custom recognizers to protect organization-specific data.

PII Redaction is available on the Enterprise plan. Deployment must be version 1.8.0 or higher.

Why PII Redaction Matters#

When running AI agents in production, sensitive information often flows through your crews:

• Customer data from CRM integrations
• Financial information from payment processors
• Personal details from form submissions
• Internal employee data

Without proper redaction, this data appears in traces, making compliance with regulations like GDPR, HIPAA, and PCI-DSS challenging. PII Redaction solves this by automatically masking sensitive data before it’s stored in traces.

How It Works#

1. Detect - Scan trace event data for known PII patterns
2. Classify - Identify the type of sensitive data (credit card, SSN, email, etc.)
3. Mask/Redact - Replace the sensitive data with masked values based on your configuration

Original: "Contact john.doe@company.com or call 555-123-4567"
Redacted: "Contact <EMAIL_ADDRESS> or call <PHONE_NUMBER>"

Enabling PII Redaction#

You must be on the Enterprise plan and your deployment must be version 1.8.0 or higher to use this feature.

In the CrewAI AMP dashboard, select your deployed crew and go to one of your deployments/automations, then navigate to Settings → PII Protection.

Toggle on PII Redaction for Traces. This will enable automatic scanning and redaction of trace data.

You need to manually enable PII Redaction for each deployment.

    <img src="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=84bc5f827526a8a3744e46a3bc3a8996" alt="Enable PII Redaction" data-og-width="1804" width="1804" data-og-height="630" height="630" data-path="images/enterprise/pii_mask_recognizer_enable.png" data-optimize="true" data-opv="3" srcset="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?w=280&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=9daaa697d15ef6762d4e5a2bfac481fb 280w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?w=560&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=13e963a83d5b299a946300af0ff02394 560w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?w=840&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=462eb210318d45df03518772dc38b22a 840w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?w=1100&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=ea222d39bb1e8c33180ef434e589c77a 1100w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?w=1650&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=c9ee6df144e4137518943607d95a277e 1650w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_enable.png?w=2500&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=45c6f3a7d41342a010b4bbadf0516a97 2500w" />

Select which types of PII to detect and redact. Each entity can be individually enabled or disabled.

    <img src="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=3ee3c500417adb7376a1099f7edb5456" alt="Configure Entities" data-og-width="1774" width="1774" data-og-height="890" height="890" data-path="images/enterprise/pii_mask_recognizer_supported_entities.png" data-optimize="true" data-opv="3" srcset="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?w=280&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=2756e09744b24a2d1df455e8681c57ef 280w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?w=560&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=89447827685cfde606532702b71d25a1 560w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?w=840&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=9e9a992dcd4fb78c710301e7284ed6d9 840w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?w=1100&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=1e68d9d23c2e798580d7f8034969a243 1100w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?w=1650&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=3f2cf1d0b4da0c10b93dd7ac8610b3ab 1650w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_supported_entities.png?w=2500&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=6fcc66fd685b143677477d712aceeaaa 2500w" />

Save your configuration. PII redaction will be active on all subsequent crew executions, no redeployment is needed.

Supported Entity Types#

CrewAI supports the following PII entity types, organized by category.

Global Entities#

US-Specific Entities#

Redaction Actions#

For each enabled entity, you can configure how the data is redacted:

Custom Recognizers#

In addition to built-in entities, you can create custom recognizers to detect organization-specific PII patterns.

Recognizer Types#

You have two options for custom recognizers:

Creating a Custom Recognizer#

Go to your Organization Settings → Organization → Add Recognizer.

    <img src="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=678fd086346d2a12649df04670ae66fe" alt="Configure Recognizer" data-og-width="3680" width="3680" data-og-height="2392" height="2392" data-path="images/enterprise/pii_mask_recognizer_create.png" data-optimize="true" data-opv="3" srcset="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?w=280&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=617de34f1d61823d8c5e0786c4e1cdf0 280w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?w=560&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=656210c857fbbaad4170c8a277efebda 560w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?w=840&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=4cf824640e706f40f79df2e56ac5795b 840w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?w=1100&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=5e0412157c5fe21fc5c9fd0b7e198c98 1100w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?w=1650&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=12fb94ca51adea99cc7bd18bb533a966 1650w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizer_create.png?w=2500&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=be8f8c1f27f1305cf0bbc62baeb60385 2500w" />

Configure the following fields:

• Name: A descriptive name for the recognizer

• Entity Type: The entity label that will appear in redacted output (e.g., EMPLOYEE_ID, SALARY)

• Type: Choose between Regex Pattern or Deny List

• Pattern/Values: Regex pattern or list of strings to match

• Confidence Threshold: Minimum score (0.0-1.0) required for a match to trigger redaction. Higher values (e.g., 0.8) reduce false positives but may miss some matches. Lower values (e.g., 0.5) catch more matches but may over-redact. Default is 0.8.

• Context Words (optional): Words that increase detection confidence when found nearby

  Save the recognizer. It will be available to enable on your deployments.

Understanding Entity Types#

The Entity Type determines how matched content appears in redacted traces:

Entity Type: SALARY
Pattern: salary:\s*\$\s*\d+
Input: "Employee salary: $50,000"
Output: "Employee <SALARY>"

Using Context Words#

Context words improve accuracy by increasing confidence when specific terms appear near the matched pattern:

Context Words: "project", "code", "internal"
Entity Type: PROJECT_CODE
Pattern: PRJ-\d{4}

When “project” or “code” appears near “PRJ-1234”, the recognizer has higher confidence it’s a true match, reducing false positives.

Viewing Redacted Traces#

Once PII redaction is enabled, your traces will show redacted values in place of sensitive data:

Task Output: "Customer <PERSON> placed order #12345.
Contact email: <EMAIL_ADDRESS>, phone: <PHONE_NUMBER>.
Payment processed for card ending in <CREDIT_CARD>."

Redacted values are clearly marked with angle brackets and the entity type label (e.g., <EMAIL_ADDRESS>), making it easy to understand what data was protected while still allowing you to debug and monitor crew behavior.

Best Practices#

Performance Considerations#

Each enabled entity adds processing overhead. Only enable entities relevant to your data.

For custom recognizers, use specific patterns to reduce false positives and improve performance. Regex patterns are best when identifying specific patterns in the traces such as salary, employee id, project code, etc. Deny-list recognizers are best when identifying exact strings in the traces such as company names, internal codenames, etc.

Context words improve accuracy by only triggering detection when surrounding text matches.

Troubleshooting#

**Possible Causes:**

• Entity type not enabled in configuration
• Pattern doesn’t match the data format
• Custom recognizer has syntax errors

Solutions:

• Verify entity is enabled in Settings → Security
• Test regex patterns with sample data
• Check logs for configuration errors

**Possible Causes:**

• Overly broad entity types enabled (e.g., DATE_TIME catches dates everywhere)
• Custom recognizer patterns are too general

Solutions:

• Disable entities that cause false positives
• Make custom patterns more specific
• Add context words to improve accuracy

**Possible Causes:**

• Too many entities enabled
• NLP-based entities (PERSON, LOCATION, NRP) are computationally expensive as they use machine learning models

Solutions:

• Only enable entities you actually need
• Consider using pattern-based alternatives where possible
• Monitor trace processing times in the dashboard

---

Practical Example: Salary Pattern Matching#

This example demonstrates how to create a custom recognizer to detect and mask salary information in your traces.

Use Case#

Your crew processes employee or financial data that includes salary information in formats like:

• salary: $50,000
• salary: $125,000.00
• salary:$1,500.50

You want to automatically mask these values to protect sensitive compensation data.

Configuration#

Field	Value
Name	SALARY
Entity Type	SALARY
Type	Regex Pattern
Regex Pattern	salary:\s*\$\s*\d{1,3}(,\d{3})*(\.\d{2})?
Action	Mask
Confidence Threshold	0.8
Context Words	salary, compensation, pay, wage, income

Regex Pattern Breakdown#

Pattern Component	Meaning
salary:	Matches the literal text “salary:”
\s*	Matches zero or more whitespace characters
\$	Matches the dollar sign (escaped)
\s*	Matches zero or more whitespace characters after $
\d{1,3}	Matches 1-3 digits (e.g., “1”, “50”, “125”)
(,\d{3})*	Matches comma-separated thousands (e.g., “,000”, “,500,000”)
(\.\d{2})?	Optionally matches cents (e.g., “.00”, “.50”)

Example Results#

Original: "Employee record shows salary: $125,000.00 annually"
Redacted: "Employee record shows <SALARY> annually"

Original: "Base salary:$50,000 with bonus potential"
Redacted: "Base <SALARY> with bonus potential"

Adding context words like “salary”, “compensation”, “pay”, “wage”, and “income” helps increase detection confidence when these terms appear near the matched pattern, reducing false positives.

Enable the Recognizer for Your Deployments#

Creating a custom recognizer at the organization level does not automatically enable it for your deployments. You must manually enable each recognizer for every deployment where you want it applied.

After creating your custom recognizer, enable it for each deployment:

Go to your deployment/automation and open Settings → PII Protection.

Under Mask Recognizers, you’ll see your organization-defined recognizers. Check the box next to the recognizers you want to enable.

    <img src="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=00564c6614b0559df44bae4b4a73f2d5" alt="Enable Custom Recognizer" data-og-width="2034" width="2034" data-og-height="542" height="542" data-path="images/enterprise/pii_mask_recognizers_options.png" data-optimize="true" data-opv="3" srcset="https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?w=280&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=8681e5c00652b5b37b5bb07c0dd8b82f 280w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?w=560&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=c724e7fd6979fdedc2e3bcc53caf9620 560w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?w=840&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=c6529584d29a0b5504c195f2c3de6418 840w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?w=1100&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=c7f6882d517b4038e6a1e46af5c1961e 1100w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?w=1650&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=3e4f119f7597f8ef28cfdb6d90ce186c 1650w, https://mintcdn.com/crewai/rRbIBTp0TLHy1mKJ/images/enterprise/pii_mask_recognizers_options.png?w=2500&fit=max&auto=format&n=rRbIBTp0TLHy1mKJ&q=85&s=fe61d7dae12b6c79fb92a31169d07d0f 2500w" />

Save your changes. The recognizer will be active on all subsequent executions for this deployment.

Repeat this process for each deployment where you need the custom recognizer. This gives you granular control over which recognizers are active in different environments (e.g., development vs. production).