Overview

Use redaction patterns to redact API keys, tokens, internal credentials, and other sensitive values that match a configured pattern. When text matches a redaction pattern, Poolside replaces it with ⟦SECRET_REDACTED⟧ before sending the text to the model or storing it. Organization patterns provide deployment-wide protection. User patterns provide local or project-specific protection without requiring administrator access. When an agent run cannot load organization patterns from the API, such as in standalone mode, fallback default patterns still protect common secret formats unless you turn them off in settings.yaml. Pattern-based redaction works independently of the secrets feature, so it can catch sensitive values even when they are not registered as secrets.

How redaction works

When you send a message or an agent receives tool output, Poolside checks the content before the agent sees it:
  1. Exact-value redaction: Redacts values resolved through secrets interpolation. See Secrets for details.
  2. Pattern-based redaction: Redacts text that matches an organization, fallback default, or user regular expression pattern.
For tool output, Poolside applies both layers in sequence. For user input, Poolside applies pattern-based redaction before sending it to the model or storing it in caches.

Choose where to configure patterns

Choose the pattern scope based on who needs the protection:
| Scope | Use when | Managed in |
| --- | --- | --- |
| Organization patterns, including Poolside-seeded defaults | You want the pattern to apply across the organization | Poolside Console |
| Fallback default patterns | You want common secret formats redacted when a run, such as standalone mode, cannot load organization patterns from the API | settings.yaml |
| User patterns | You need a personal or project-specific pattern | settings.yaml |

Organization patterns

If you belong to a team with the tenant-admin role, manage organization patterns in the Poolside Console under Security > Redaction Patterns. Use organization patterns to protect secret formats that are common in your deployment, such as internal API keys, service tokens, or database connection strings. Your deployment includes default organization patterns for common secret formats. You can edit those defaults or add patterns for your own stack. Use the pattern editor to test patterns against sample text and refer to RE2 syntax quick reference while you write or troubleshoot a pattern.

Default organization patterns

Default organization patterns protect common secret formats. Your deployment starts with the seeded default set, which can change in product releases. Because administrators can also edit or delete defaults in the Poolside Console, the active defaults in your deployment can differ from this list. You also get this default set as fallback protection when an agent run, such as standalone mode, cannot load organization patterns from the API.
| Pattern | Prefix / marker | Example match |
| --- | --- | --- |
| Amazon Web Services (AWS) access key ID | AKIA | AKIA1234567890ABCDEF |
| AWS session token | ASIA | ASIA1234567890ABCDEF |
| AWS Security Token Service (STS) token | ABIA | ABIA1234567890ABCDEF |
| AWS CloudFront key | ACCA | ACCA1234567890ABCDEF |
| GitHub fine-grained personal access token | github_pat_ | github_pat_abc123... |
| GitHub classic personal access token | ghp_ | ghp_abc123... |
| GitHub OAuth token | gho_ | gho_abc123... |
| GitHub user-to-server token | ghu_ | ghu_abc123... |
| GitHub server-to-server token | ghs_ | ghs_abc123... |
| GitHub refresh token | ghr_ | ghr_abc123... |
| OpenAI project key | sk-proj- | sk-proj-abc123... |
| OpenAI service account key | sk-svcacct- | sk-svcacct-abc123... |
| OpenAI API key | sk- | sk-abc123... |
| Anthropic API key | sk-ant- | sk-ant-abc123... |
| Stripe webhook secret | whsec_ | whsec_abc123... |
| Stripe key | rk_, sk_, pk_ | sk_live_abc123... |
| Google API key | AIza | AIza1234567890-abc |
| Slack bot token | xoxb- | xoxb-1234-5678-abc |
| Slack user token | xoxp- | xoxp-1234-5678-abc |
| Slack app token | xapp- | xapp-1234-5678-abc |
| Node Package Manager token | npm_ | npm_abc123... |
| PyPI token | pypi- | pypi-abc123... |
| Poolside access token | ps- | ps-abc123...-def456... |
| Poolside refresh token | psr- | psr-abc123...-def456... |
| JSON Web Token (JWT) | eyJ | eyJhbGciOiJ... |
| Bearer token header | Bearer | Bearer eyJhbGci... |
| Privacy-Enhanced Mail (PEM) private key | -----BEGIN...PRIVATE KEY----- | Full PEM block |
| Fireworks API key | fw_ | fw_abc123... |
Use organization patterns for deployment-wide defaults. To add personal or project-specific patterns, add user patterns in settings.yaml.

Fallback default patterns

Use this reference when you set secrets.fallback_redaction_patterns to false and want to copy specific fallback defaults into secrets.redact_patterns. Poolside Console shows the active organization patterns for your deployment. This list shows the local fallback default patterns used when an agent run, such as standalone mode, cannot load organization patterns from the API.
settings.yaml
secrets:
  fallback_redaction_patterns: false
  redact_patterns:
    - name: aws_access_key_id
      pattern: "\\bAKIA[0-9A-Z]{16}\\b"
    - name: aws_session_token
      pattern: "\\bASIA[0-9A-Z]{16}\\b"
    - name: aws_sts_token
      pattern: "\\bABIA[0-9A-Z]{16}\\b"
    - name: aws_cloudfront
      pattern: "\\bACCA[0-9A-Z]{16}\\b"
    - name: github_pat_fine_grained
      pattern: "\\bgithub_pat_[A-Za-z0-9_]{82}\\b"
    - name: github_pat_classic
      pattern: "\\bghp_[A-Za-z0-9_]{36}\\b"
    - name: github_oauth_token
      pattern: "\\bgho_[A-Za-z0-9_]{36}\\b"
    - name: github_user_to_server
      pattern: "\\bghu_[A-Za-z0-9_]{36}\\b"
    - name: github_server_to_server
      pattern: "\\bghs_[A-Za-z0-9_]{36,255}\\b"
    - name: github_refresh_token
      pattern: "\\bghr_[A-Za-z0-9_]{36,255}\\b"
    - name: openai_project_key
      pattern: "\\bsk-proj-[A-Za-z0-9_-]{80,200}\\b"
    - name: openai_svc_acct_key
      pattern: "\\bsk-svcacct-[A-Za-z0-9_-]{80,200}\\b"
    - name: openai_api_key
      pattern: "\\bsk-[a-zA-Z0-9]{20,}\\b"
    - name: anthropic_api_key
      pattern: "\\bsk-ant-[A-Za-z0-9_-]{80,120}\\b"
    - name: stripe_webhook_secret
      pattern: "\\bwhsec_[A-Za-z0-9]{32,64}\\b"
    - name: stripe_key
      pattern: "\\b[rsp]k_(test|live)_[0-9a-zA-Z]{24,}\\b"
    - name: google_api_key
      pattern: "\\bAIza[0-9A-Za-z\\-_]{35}\\b"
    - name: slack_bot_token
      pattern: "\\bxoxb-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24}\\b"
    - name: slack_user_token
      pattern: "\\bxoxp-[0-9]{10,}-[0-9]{10,}-[0-9]{10,}-[a-f0-9]{32}\\b"
    - name: slack_app_token
      pattern: "\\bxapp-[0-9]+-[A-Za-z0-9_]+-[0-9]+-[a-f0-9]+\\b"
    - name: npm_token
      pattern: "\\bnpm_[A-Za-z0-9]{36}\\b"
    - name: pypi_token
      pattern: "\\bpypi-[A-Za-z0-9_-]{100,200}\\b"
    - name: poolside_access_token
      pattern: "\\bps-[A-Za-z0-9]{40,}-[A-Za-z0-9-]{20,}\\b"
    - name: poolside_refresh_token
      pattern: "\\bpsr-[A-Za-z0-9]{40,}-[A-Za-z0-9-]{20,}\\b"
    - name: jwt
      pattern: "\\beyJ[a-zA-Z0-9_-]{10,}\\.[a-zA-Z0-9_-]{10,}\\.[a-zA-Z0-9_-]{10,}"
    - name: generic_bearer
      pattern: "\\bBearer\\s+[A-Za-z0-9\\-._~+/]{20,}=*"
    - name: private_key_pem
      pattern: "(?s)-----BEGIN\\s+(RSA |EC |DSA |OPENSSH |PGP )?PRIVATE KEY( BLOCK)?-----.*?-----END\\s+(RSA |EC |DSA |OPENSSH |PGP )?PRIVATE KEY( BLOCK)?-----"
    - name: fireworks_api_key
      pattern: "\\bfw_[a-zA-Z0-9]{24}\\b"

User patterns

Add user redaction patterns to secrets.redact_patterns in your settings.yaml file when you need a pattern that does not require administrator access:
settings.yaml
secrets:
  redact_patterns:
    - name: internal_api_key
      pattern: "MYCO_[A-Za-z0-9]{32}"
    - name: database_dsn
      pattern: "postgres://[^\\s]+"
Your user patterns apply together with the organization patterns for your deployment. If an agent run, such as standalone mode, cannot load organization patterns from the API, fallback default patterns apply before your user patterns unless you set secrets.fallback_redaction_patterns to false. For a complete reference of supported settings.yaml keys, see Settings file reference. Each pattern requires:
  • name: A non-empty identifier for the pattern.
  • pattern: A valid RE2 regular expression.
Validation rules
Poolside rejects patterns that match common code tokens such as empty strings, function, 123, hello world, true, const, or return. This prevents overly broad patterns like .* from stripping useful content from tool output.
Settings file locations
| File location | Use this for |
| --- | --- |
| .poolside/settings.local.yaml | Personal, project-specific. Do not commit. Takes precedence over all other files. |
| .poolside/settings.yaml | Shared, project-specific. Commit and share with your team. |
| ~/.config/poolside/settings.yaml | Personal defaults (all projects). Applies when no project-level settings override it. |
Poolside combines user patterns from all settings files. For more information about settings file locations and precedence, see Tool permissions.
Invalid patterns surface as errors rather than being silently dropped. A rejected pattern could leave secrets exposed, so fix validation errors before proceeding.

Manage organization patterns

Prerequisites
  • You belong to a team with the tenant-admin role.
Steps
  1. In the Poolside Console, navigate to Security > Redaction Patterns.
  2. To update an existing default or organization pattern, click the ellipsis in the row and select Edit. To add a new organization pattern, click Add Pattern.
  3. In Name, enter a descriptive name for the pattern.
  4. In Pattern (RE2 regex), enter the regular expression you want Poolside to redact. Use RE2 syntax quick reference in the editor to check common regular expression syntax while you write or troubleshoot the pattern.
  5. In Test your pattern, paste or edit sample text to confirm that the pattern matches the values you expect to redact.
  6. Click Save.
To remove an organization pattern, click the ellipsis in the row, select Delete, and confirm the deletion.

Redaction warnings

Poolside displays redaction warnings when redaction activity might need your attention. These warnings are shown to you, not to the agent. Warnings appear in the IDE as session notifications and in the pool CLI as yellow warning messages. Each warning appears only one time per session to avoid noise.
Do not rely on redaction as the primary protection for secrets exposed to tools. Use secrets to inject sensitive values only when needed.
| Trigger | Threshold | What it means |
| --- | --- | --- |
| Poolside redacts the same secret value or pattern-based match multiple times in one step | More than 3 replacements per step | The matched value may be too short or too common, causing false positives |
| Poolside redacts a pattern-based match from tool output | Any match | Tool output contains a string that matches a configured secret format |
If you see repeated redaction warnings for a specific secret or matching pattern, review the value or pattern. A longer value or more specific pattern can reduce false positives.

Troubleshooting

Legitimate values appear redacted

If you see ⟦SECRET_REDACTED⟧ where no actual secret exists, a redaction pattern might be matching a non-secret value. Check whether the redacted value matches a default organization pattern, an organization pattern, or a user pattern in settings.yaml. If the match affects your workflow, try one of the following fixes:
  • Make the user pattern more specific.
  • Ask an administrator to adjust the organization pattern.
  • Set secrets.fallback_redaction_patterns to false, then copy over only the default patterns you need.
  • Restructure the output to avoid the match.
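
To find which pattern is behind an unexpected ⟦SECRET_REDACTED⟧, and whether it would exceed the more-than-3-replacements threshold described under Redaction warnings, you can replay sample output through the patterns locally. The Go program below is an added example, not Poolside code: it uses Go's regexp package (which accepts RE2 syntax), copies three patterns from this page, and runs on constructed sample output. It assumes one call is one step and that replacements are counted per pattern name.

```go
package main

import (
	"fmt"
	"regexp"
)

const placeholder = "⟦SECRET_REDACTED⟧"

// NamedPattern mirrors one name/pattern entry under secrets.redact_patterns.
type NamedPattern struct{ Name, Pattern string }

// Two fallback defaults and one user pattern, copied from this page.
var pagePatterns = []NamedPattern{
	{"aws_access_key_id", `\bAKIA[0-9A-Z]{16}\b`},
	{"openai_api_key", `\bsk-[a-zA-Z0-9]{20,}\b`},
	{"database_dsn", `postgres://[^\s]+`},
}

// Constructed tool output: the sk-componentSnapshot ID is not a secret but fits openai_api_key.
const sampleOutput = `render sk-componentSnapshot0001 start
render sk-componentSnapshot0001 props ok
render sk-componentSnapshot0001 layout ok
render sk-componentSnapshot0001 done
env DATABASE_URL=postgres://app:example@db.internal:5432/app AWS_ACCESS_KEY_ID=AKIA1234567890ABCDEF`

// Redact applies the patterns in order and returns the redacted text, the replacement
// count per pattern, and the names with more than 3 replacements (assumed: per call).
func Redact(text string, pats []NamedPattern) (string, map[string]int, []string, error) {
	counts, noisy := map[string]int{}, []string{}
	for _, p := range pats {
		re, err := regexp.Compile(p.Pattern)
		if err != nil {
			return "", nil, nil, fmt.Errorf("pattern %q: %w", p.Name, err)
		}
		text = re.ReplaceAllStringFunc(text, func(string) string {
			counts[p.Name]++
			return placeholder
		})
		if counts[p.Name] > 3 {
			noisy = append(noisy, p.Name)
		}
	}
	return text, counts, noisy, nil
}

func main() {
	fmt.Println(Redact(sampleOutput, pagePatterns))
}
```

Here the short sk- prefix followed by any 20 alphanumerics is what catches the snapshot ID, so the fix options in the list above apply to openai_api_key rather than to the user pattern.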

Redaction warnings appear repeatedly

Frequent redaction warnings for a specific secret usually mean the secret value is too short or too generic. Replace it with a longer, unique value.

Pattern rejected during validation

Poolside rejects patterns that match common code tokens. Make your pattern more specific. For example, instead of [A-Za-z]+, use a pattern that includes a distinguishing prefix like MYCO_[A-Za-z0-9]{32}. If you are editing an organization pattern, use Test your pattern and RE2 syntax quick reference in the Poolside Console pattern editor before you save.
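
A local pre-flight check can catch a rejected pattern before it reaches settings.yaml. The Go program below is an added example, not Poolside's validator: it checks the three requirements this page states (non-empty name, valid RE2 syntax, no match on the listed common code tokens) using Go's regexp package, which accepts RE2 syntax. It assumes "match" means an unanchored match and that the token list is only the examples named on this page; candidate names other than the first two are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// commonTokens are the code tokens this page names as grounds for rejection.
var commonTokens = []string{"", "function", "123", "hello world", "true", "const", "return"}

// CheckPattern returns nil when a name/pattern pair passes the checks the page
// describes: non-empty name, valid RE2 syntax, no match on a common token.
// Assumption: "match" means an unanchored match anywhere in the token.
func CheckPattern(name, pattern string) error {
	if strings.TrimSpace(name) == "" {
		return errors.New("name must be non-empty")
	}
	re, err := regexp.Compile(pattern) // Go's regexp accepts RE2 syntax
	if err != nil {
		return fmt.Errorf("%s: not valid RE2: %w", name, err)
	}
	for _, tok := range commonTokens {
		if re.MatchString(tok) {
			return fmt.Errorf("%s: too broad, matches common token %q", name, tok)
		}
	}
	return nil
}

// candidates are constructed inputs; names after the first two are hypothetical.
var candidates = [][2]string{
	{"internal_api_key", `MYCO_[A-Za-z0-9]{32}`}, // from this page: passes
	{"database_dsn", `postgres://[^\s]+`},        // from this page: passes
	{"catch_all", `.*`},                          // matches the empty string
	{"any_word", `[A-Za-z]+`},                    // matches "function"
	{"pcre_lookahead", `MYCO_(?=[A-Z])\w+`},      // lookahead is not RE2
}

func main() {
	for _, c := range candidates {
		fmt.Printf("%-16s %v\n", c[0], CheckPattern(c[0], c[1]))
	}
}
```

The last candidate shows a common porting failure: patterns written for PCRE-style engines that use lookahead or backreferences do not compile as RE2 and need to be rewritten with a literal prefix and fixed-length character class instead.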