Watch Pretense Protect Your Code
Proprietary identifiers are mutated before leaving your machine and restored in the AI response. Zero secrets reach Anthropic, OpenAI, or any provider.
Use ← → arrow keys to navigate · hover to slow down
See it in action
Watch pretense scan, mutate, and proxy run in real-time.
Try the mutation engine
Paste any code and watch Pretense mutate identifiers and block secrets in real-time.
async function _fn4a2b(userId: string): Promise<string> {const _v9x2c = await db.users.findById(userId);const [BLOCKED -- SECRET DETECTED] = process.env.[BLOCKED -- SECRET DETECTED];return jwt.sign({ sub: _v9x2c.id }, [BLOCKED -- SECRET DETECTED]);}
Try the Mutation Yourself
Choose a preset or paste your own code. Click Mutate to see identifiers transformed in real-time. Pretense stores the reverse map locally so the AI response comes back as your original code.
// Payment processor
async function getUserPaymentToken(userId: string) {
const secretKey = process.env.STRIPE_SECRET_KEY;
const dbConnection = new DatabaseClient(secretKey);
return dbConnection.getToken(userId);
}
async function processPayment(
customerId: string,
amountCents: number
) {
const paymentIntent = await stripeClient.paymentIntents.create({
amount: amountCents,
currency: 'usd',
customer: customerId,
});
await billingService.recordTransaction(paymentIntent.id);
return paymentIntent;
}// Press "Mutate" to see protected output...// Reversed AI response appears here...// Payment processor
async function getUserPaymentToken(userId: string) {
const secretKey = process.env.STRIPE_SECRET_KEY;
const dbConnection = new DatabaseClient(secretKey);
return dbConnection.getToken(userId);
}
async function processPayment(
customerId: string,
amountCents: number
) {
const paymentIntent = await stripeClient.paymentIntents.create({
amount: amountCents,
currency: 'usd',
customer: customerId,
});
await billingService.recordTransaction(paymentIntent.id);
return paymentIntent;
}How This Works
Three steps. All local. All reversible. Zero cloud.
Scan
Pretense scans every token in your code using 40+ regex patterns and entropy analysis to detect secrets, API keys, and proprietary identifiers.
Mutate
Each identifier is replaced with a deterministic synthetic token using djb2 hash. The mapping is stored locally. Secrets are blocked entirely.
Reverse
After the AI responds using mutated tokens, Pretense applies the reverse map byte-for-byte. You receive the real identifiers back. Zero diff.
Protect your real code in 30 seconds
Install Pretense, start the proxy, route your AI tool through it. Every identifier in every prompt is protected automatically.
Free tier available. No credit card required. Local-first.
See the Mutation Happen
Press Mutate to watch Pretense transform proprietary identifiers into synthetic tokens. The LLM sees the right panel. Only Pretense can reverse it back.
class PaymentProcessor {
private apiKey: string;
private merchantId: string;
constructor(apiKey: string, merchantId: string) {
this.apiKey = apiKey;
this.merchantId = merchantId;
}
async getUserData(userId: string): Promise<UserProfile> {
const userRecord = await this.fetchFromDatabase(userId);
const enrichedData = this.enrichWithBillingInfo(userRecord);
return this.formatUserProfile(enrichedData);
}
async processPayment(
userId: string,
amount: number,
currency: string
): Promise<PaymentResult> {
const userData = await this.getUserData(userId);
const billingToken = await this.tokenizeCard(userData.cardInfo);
return this.submitTransaction(billingToken, amount, currency);
}
private async fetchFromDatabase(userId: string) {
return this.dbClient.query({ userId, merchantId: this.merchantId });
}
}// mutated output appears here...Free tier available. No credit card required.
Interactive Playground
Type Code. Watch It Mutate.
Real-time mutation runs entirely in your browser. No server, no account. Load a preset or paste your own code to see exactly what Pretense sends to the LLM.
Mutated output will appear here →How It Works
Three deterministic steps. All local, all reversible, zero cloud.
Scan
40+ patterns + entropy analysis
- API keys, JWTs, PII: 40+ regex patterns
- Shannon entropy on high-entropy strings
- AST-aware identifier extraction
- TS / JS / Python / Go / Java
Mutate
djb2 hash: deterministic, reversible
- Same input always → same token
- Preserves AST structure + semantic shape
- Secrets blocked outright, never mutated
- getUserToken → _fn4a2b
Restore
100% fidelity: byte-exact
- Zero diff in the restored response
- Works on streaming + batch responses
- Offline: no cloud reversal dependency
- _fn4a2b → getUserToken
Real-World Scenarios
Pretense prevents compliance violations across every regulated industry.
PHI in Refactored EHR Code
A dev asks Claude to refactor a patient-record module. Comments reference patient IDs, diagnosis codes, and FHIR resource paths. Any one identifier could trigger a breach notification.
HIPAA violation prevented. Identifiers mutated before leaving the machine.
Pretense by the Numbers
Across all active deployments. Live counters update every few seconds.
Before vs After
The same function. One exposes secrets, one is Pretense-protected.
async function getUserToken(
userId: string
): Promise<string> {
const apiKey =
process.env.ANTHROPIC_API_KEY;
return processPaymentData(
userId, apiKey
);
}async function _fn4a2b(
_v9c1d: string
): Promise<string> {
const _v3f8a =
process.env.PRETENSE_BLOCKED;
return _fn8c3d(
_v9c1d, _v3f8a
);
}Live Demo
Try the Mutation Engine
Paste any code snippet and see exactly how Pretense mutates identifiers before sending to an LLM. Runs entirely in your browser.
Click "Mutate" to see the protected output →Start protecting in 30 seconds
Free. Local-first. No cloud required.
Free · Local-first · 30-second setup · No cloud required