
Privacy & Security

GuideKit provides multiple mechanisms to protect user privacy and control what data reaches external LLM providers.

EventBus Privacy Hook

Intercept LLM payloads via the EventBus llm:response-start event. Use this to redact PII, log requests, or implement custom filtering.

```jsx
import { useGuideKitCore } from '@guidekit/react';
import { useEffect } from 'react';

function PrivacyGuard() {
  const core = useGuideKitCore();

  useEffect(() => {
    if (!core) return;
    // Subscribe to the EventBus; the returned function unsubscribes on cleanup.
    const unsub = core.bus.on('llm:response-start', (event) => {
      console.log('LLM request started:', event.conversationId);
    });
    return unsub;
  }, [core]);

  return null;
}
```

For content filtering, use the setPageContext hook to control what page data is sent to the LLM:

```jsx
import { useEffect } from 'react';
import { useGuideKitContext } from '@guidekit/react';

function FilteredPage() {
  const { setPageContext } = useGuideKitContext();

  useEffect(() => {
    // Only send non-sensitive context to the LLM.
    setPageContext({
      pageName: 'Settings',
      // Omit sensitive fields like passwords, tokens, etc.
    });
  }, [setPageContext]);

  // SettingsPage is the application's own page component.
  return <SettingsPage />;
}
```
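One way to do the filtering described above before calling setPageContext, as an added example rather than GuideKit's own code: a helper that drops fields whose names look like secrets and masks e-mail addresses and card-like digit runs inside string values. The key fragments, the value patterns and the sample context are assumptions for illustration, not part of the GuideKit API.

```javascript
// Added example (not GuideKit's own code): sanitize a page-context object before
// handing it to setPageContext. Field names and context shape are assumptions.

// Keys whose values must never leave the browser. Matched as substrings of the
// normalised key, so "apiToken", "api_key" and "user-password" are all caught.
const SENSITIVE_KEY_FRAGMENTS = ['password', 'token', 'secret', 'apikey', 'card'];

// Value patterns that are PII even when the key name looks harmless.
const VALUE_PATTERNS = [
  { name: 'email', re: /[\w.+-]+@[\w-]+\.[\w.-]+/g },
  { name: 'card', re: /\b(?:\d[ -]?){13,16}\b/g },
];

function isSensitiveKey(key) {
  const normalised = key.toLowerCase().replace(/[_-]/g, '');
  return SENSITIVE_KEY_FRAGMENTS.some((frag) => normalised.includes(frag));
}

function maskString(value) {
  let out = value;
  for (const { name, re } of VALUE_PATTERNS) {
    out = out.replace(re, `[REDACTED ${name}]`);
  }
  return out;
}

// Recursively drop sensitive keys and mask PII-looking strings.
// Returns a new value; the input is never mutated.
function redactPageContext(ctx) {
  if (Array.isArray(ctx)) return ctx.map(redactPageContext);
  if (ctx && typeof ctx === 'object') {
    const out = {};
    for (const [key, value] of Object.entries(ctx)) {
      if (isSensitiveKey(key)) continue; // drop the whole field
      out[key] = redactPageContext(value);
    }
    return out;
  }
  if (typeof ctx === 'string') return maskString(ctx);
  return ctx; // numbers, booleans, null pass through
}

// Constructed sample: what a naive scrape of a settings page might yield.
const rawContext = {
  pageName: 'Settings',
  user: { name: 'Ada', email: 'ada@example.com', apiToken: 'tok_123' },
  form: { cardNumber: '4111 1111 1111 1111', note: 'card 4111 1111 1111 1111, mail ada@example.com' },
};
// In a component: setPageContext(redactPageContext(rawContext)).
```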

data-guidekit-ignore

Add this attribute to any DOM element to exclude it from the page model sent to the LLM. The DOM Scanner skips these elements entirely.

```html
<div data-guidekit-ignore>
  <p>This content will not be included in LLM context.</p>
  <input type="password" />
</div>
```

Use this for:

  • Password fields and sensitive forms
  • Internal admin controls
  • Content that should not influence AI responses

Token-based Authentication

API keys never reach the browser. The @guidekit/server package generates short-lived JWTs that the client SDK uses to authenticate. API keys are stored server-side in a sessionKeyStore keyed by the token’s jti claim and are never included in the JWT payload.

Security Deny-list

The clickElement tool action maintains a deny-list of selectors that cannot be programmatically clicked:

  • button[type="submit"] on payment forms
  • Elements with data-guidekit-deny-click
  • Links to external domains (configurable)

Data Retention

GuideKit stores conversation history in memory only. Session data in sessionStorage is cleared when the browser tab closes. No data is persisted to disk or sent to GuideKit servers.
