Open Source · Privacy-First · Self-Hostable

Your employees
use LLMs.
Make sure your
data stays yours.

MMCPS sits between your team and any external AI — anonymizing sensitive data before it leaves, validating every prompt, and restoring responses on the way back. The LLM never sees the real data.

Try the Playground → View on GitHub ↗
Open Source Self-Hostable GDPR Ready HIPAA Friendly MIT License

— The Problem

Your team is already using AI.
Is your data safe?

Most security teams have neither visibility nor control over what their employees paste into a chat box. Three numbers explain why that's a problem.

03 / Industry avg.
247days

average time to detect and contain a leak — by then, the data has been seen.

Mean time to detect

Organizations that ban LLM tools lose visibility — employees move to personal devices. Those that allow unrestricted access risk GDPR and HIPAA violations. MMCPS is the third option: let your team work, while sensitive data never leaves the network.

— How it works

Privacy by design,
not by policy.

Four steps. No model fine-tuning, no prompt-injection tricks, no trust required of the LLM provider — sensitive data simply never reaches them.

  1. 01

    Employee sends a prompt

    A user types a request into the MMCPS web UI, or an internal app forwards one through the proxy endpoint.

  2. 02

    MMCPS anonymizes PII with Presidio

    Names, emails, IDs, locations, custom entities — replaced with consistent placeholder tags. The mapping stays in your machine.

  3. 03

    Validated prompt forwarded to LLM

    Guard rules run on the anonymized prompt — block forbidden topics, enforce limits, redact secrets — then send.

  4. 04

    Response checked & original values restored

    The reply is scanned for any reconstructed sensitive data. Tags are swapped back to the originals — only the user ever sees them.

mmcps · pipeline.log
// Before anonymization
"John Smith at [email protected]
 needs help with invoice #A-4471..."

// After anonymization → sent to LLM
"[PERSON] at [EMAIL]
 needs help with invoice [ID]..."

// Response restored → returned to user
"John Smith, here's what
 you need to do for #A-4471..."

↳ mapping table is held in-memory, scoped to the request, never persisted.

— Why MMCPS

Everything you need.
Nothing you don't.

A focused tool: a proxy, a UI, a small set of well-chosen guarantees. No telemetry, no upsell, no dashboard you'll never log into.

Auto Anonymization

Microsoft Presidio detects and replaces PII — names, emails, IDs, locations, plus your own custom entities.

presidio · spaCy · regex

Prompt Validation

Guard rules block forbidden topics, secrets, and policy violations before any token leaves the network.

guardrails · regex · llm-judge

Response Scanning

Every reply is scanned for reconstructed PII, hallucinated identifiers, or leakage before reaching the user.

scan · diff · block

Web Interface

A clean chat UI — anyone on your team can use it without learning a CLI or installing anything.

chat · image · file-drop

Self-Hostable

Run it on a laptop, a VPS, or your private cloud. Data never leaves the machine you control.

docker · kubernetes · bare-metal

Open Source

MIT licensed. Read the source, audit the rules, fork what you need. No black boxes between you and your data.

MIT · github · auditable

— Ready when you are

Two ways to get started.

option 01

Hosted Playground

No setup required. Try anonymized chat and image processing instantly in your browser.

Your data passes through our servers during anonymization. Use real PII only on the self-hosted build.
Try it now → ~30s · no signup
option 02

Self-Hosted

Keep everything on-premises. Run MMCPS on your own machine. Data never leaves.

# 1. download models first $ ls models/
# 2. start all services $ docker compose up --build
Read the docs → linux · macos · windows

Stop hoping your team
isn't leaking data.

MMCPS is free, open source, and ready to deploy. Spin it up in five minutes — keep it running for as long as your team uses AI.

Get Started on GitHub →