Standpipe
The proxy for teams that need control over what agents can see, send, and remember.
How it works
Someone shares confidential customer data with an AI tool.
Standpipe intercepts the request before it leaves your environment.
Sensitive information is removed, and your security policies stay enforced.
Can you look up the employee record for E12345? I think their SSN is [REDACTED_SSN] and they work in Engineering.
Can you look up the employee record for E12345? I think their SSN is 111-22-3333 and they work in Engineering.
Control what your AI can see
Inspect what agents try to send before it leaves the machine.
Mask secrets, tokens, and sensitive fields automatically.
Keep the team’s workflow visible without adding friction.
Common questions
Standpipe is a local proxy that sits between your AI agents and the internet. Every outbound request passes through it so you can inspect, mask, and control what your agents can see and send.
Standpipe scans request payloads for secrets, tokens, PII, and sensitive fields using configurable rules. Matches are redacted before the request leaves your machine -the agent never knows.
Standpipe works with any tool that routes traffic through a proxy -Claude Code, Codex, Cursor, custom LangChain/LlamaIndex agents, and more. If it speaks HTTP, Standpipe can see it.
No. Standpipe runs entirely on your machine. Request logs are stored locally and never leave your environment.