Blueprint: Retail Return Agent
Multimodal PII scrubbing for E-commerce Agents
Agents processing customer returns often receive photos of damaged goods, receipts, or even customer IDs for verification. This multimodal data contains high-density PII.
This blueprint demonstrates how to implement In-Payload PII Redaction for unstructured retail data.
Architecture
1. Master Policy Definition
{
  "name": "retail-privacy-policy",
  "priority": 7500,
  "rules": [
    {
      "id": "mask-retail-pii",
      "effect": "allow",
      "principals": ["agent:return-bot"],
      "actions": ["llm.generate"],
      "resources": ["*"]
    }
  ],
  "content_policy": {
    "enable_pii_detection": true,
    "pii_action": "mask",
    "blocked_patterns": ["\\bORD-\\d{4}-\\d{4}\\b"]
  }
}
2. Implementation
Python Prototype
from openai import OpenAI

# Point the client at the gateway instead of the provider endpoint.
client = OpenAI(
    api_key="ignored",
    base_url="http://cz-gateway:8001/v1",
    default_headers={"X-ControlZero-App": "returns"},
)


def process_return_request(message: str):
    # This message contains an Email and a custom Order Pattern (ORD-xxxx-xxxx)
    try:
        response = client.chat.completions.create(
            model="gpt-4o-mini",
            messages=[{"role": "user", "content": f"Customer Request: {message}"}],
        )
        return response.choices[0].message.content
    except Exception as e:
        # Any failure on the gateway call is reported as a governance error.
        return f"Governance Error: {e}"


# Scenario: Message with sensitive identifiers
raw_msg = "My email is user@example.com and my order number is ORD-1234-5678."
result = process_return_request(raw_msg)

# The LLM receives:
# "Customer Request: My email is [EMAIL] and my order number is [REDACTED]."
print(f"Agent Response: {result}")
3. Validation Checklist
- Surgical Accuracy: Verify that only the PII is masked while the intent of the message remains clear for the agent.
- Custom Patterns: Confirm that the ORD- regex pattern correctly triggers the redaction.
- Audit Trail: Check ClickHouse to ensure that request_payload_encrypted contains the raw data (for SRE review) while common logs show masked data.
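
A local pre-check for the Surgical Accuracy and Custom Patterns items, added here as an example and not the gateway's own code: it loads blocked_patterns from the policy JSON and approximates the masking offline. The email regex, the loose order-number detector, and the function names are assumptions; the gateway's real detectors may behave differently.

```python
import json
import re

# content_policy fragment copied from the policy above, JSON escaping intact.
POLICY_JSON = r'''{"content_policy": {
  "enable_pii_detection": true,
  "pii_action": "mask",
  "blocked_patterns": ["\\bORD-\\d{4}-\\d{4}\\b"]}}'''

# Assumption: simplified stand-in for the gateway's built-in email detector.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Assumption: deliberately loose detector for order-number-like residue.
LOOSE_ORDER_RE = re.compile(r"ord[-\s]?\d{4,}[-\s]?\d{4,}", re.IGNORECASE)


def load_patterns(policy_json: str) -> list:
    """Compile blocked_patterns after JSON decoding, as a policy loader would."""
    policy = json.loads(policy_json)["content_policy"]
    return [re.compile(p) for p in policy["blocked_patterns"]]


def expected_mask(message: str, patterns: list) -> str:
    """Approximate the masked text the page says the LLM receives."""
    masked = EMAIL_RE.sub("[EMAIL]", message)
    for pattern in patterns:
        masked = pattern.sub("[REDACTED]", masked)
    return masked


def leaks(message: str, patterns: list) -> bool:
    """True if an order-number-like token survives masking."""
    return bool(LOOSE_ORDER_RE.search(expected_mask(message, patterns)))


if __name__ == "__main__":
    patterns = load_patterns(POLICY_JSON)
    # Constructed sample messages; the first is the page's own scenario.
    for msg in [
        "My email is user@example.com and my order number is ORD-1234-5678.",
        "Order ORD-1234-5678 arrived damaged, please refund.",
        "refund ord-1234-5678",      # lowercase prefix
        "refund ORD 1234 5678",      # spaces instead of hyphens
        "refund ORD-1234-56789",     # extra digit defeats the trailing \b
    ]:
        flag = "LEAK" if leaks(msg, patterns) else "ok"
        print(f"{flag:4} {expected_mask(msg, patterns)}")
```

Messages flagged LEAK are order-number variants the exact ORD- pattern does not cover; replay them through the gateway and decide whether the policy pattern should be widened.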