I když je Claude bezpečný, některé informace by nikdy neměly opustit váš perimetr.
Absolutní zákaz ❌
1. Secrets & Credentials
# ❌ NEVER: the connection string below carries a user name, a password and a
# production host name inside the prompt text. A credential that has been
# pasted into a prompt should be treated as exposed and rotated.
prompt = f"""
Debug my database connection:
Connection string: postgresql://admin:SuperSecretPass123@prod-db.company.com:5432/production
"""
# ✅ CORRECT: bracketed placeholders keep the shape of the URL, and the error
# message supplies the detail needed for debugging.
prompt = f"""
Debug my database connection:
Connection string: postgresql://[USER]:[PASSWORD]@[HOST]:5432/[DATABASE]
Error: Connection timeout after 30 seconds
"""
2. API Keys & Tokens
# ❌ NEVER: the key value itself is part of the prompt string. Even a
# truncated key shows its prefix and format.
prompt = f"Why doesn't this work? api_key = 'sk-ant-api03-xxxxx...'"
# ✅ CORRECT: describe the symptom (here the HTTP 401 status) and leave the
# key out entirely.
prompt = "Why doesn't my API call work? I'm getting 401 Unauthorized."
3. Private Keys
# ❌ NEVER: a PEM private-key block is pasted verbatim into the prompt. A key
# that has left the host it was generated for should be replaced, not reused.
prompt = f"""
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA...
-----END RSA PRIVATE KEY-----
Why can't I decrypt with this key?
"""
# ✅ CORRECT: quote the error message and ask about causes; no key material
# is needed to answer that question.
prompt = "I'm getting 'invalid key format' when decrypting. What are common causes?"
4. Personally Identifiable Information (PII)
# ❌ NEVER: full name, SSN and card number are direct identifiers and appear
# here in clear text.
prompt = f"""
Analyze this customer data:
Name: John Smith
SSN: 123-45-6789
Credit Card: 4111-1111-1111-1111
"""
# ✅ CORRECT: only an internal id and coarse attributes are sent.
# NOTE(review): customer_id is a pseudonym, not anonymisation; it stays
# linkable to the person by whoever holds the id mapping. Confirm that is
# acceptable for the data in question.
prompt = f"""
Analyze this anonymized customer data:
customer_id: C12345
purchase_history: [electronics, clothing]
loyalty_tier: gold
"""
5. Health Information (PHI)
# ❌ NEVER: patient name, exact date of birth and diagnosis together identify
# a person and their health condition.
prompt = f"Patient Jane Doe, DOB 1985-03-15, diagnosis: ..."
# ✅ CORRECT: an internal id, an age band and a condition category replace the
# identifying fields.
# NOTE(review): the patient id is still an identifier for anyone who can
# resolve it; drop it when the question does not need it.
prompt = "Patient ID P-1234, age group 35-40, condition category: chronic"
Vysoké riziko ⚠️
Interní business data
# ⚠️ CONSIDER: the prompt states a concrete internal revenue figure.
prompt = "Our Q4 revenue was $50M, how do we present this to investors?"
# ✅ SAFER: the same question asked without the figure.
prompt = "How to present strong quarterly results to investors? General best practices."
Proprietary algorithms
# ⚠️ CONSIDER: the f-string interpolates full_algorithm_code (not defined in
# this snippet), so the complete proprietary source becomes part of the prompt.
prompt = f"""
Our secret recommendation algorithm:
{full_algorithm_code}
How can we optimize it?
"""
# ✅ SAFER: a plain string that describes the algorithm's characteristics
# instead of including its code.
prompt = """
I have a recommendation algorithm with these characteristics:
- Collaborative filtering based
- Uses user embeddings
- Current latency: 50ms
How can I optimize performance?
"""
Unreleased product info
# ⚠️ CONSIDER: code name, launch month and feature list of an unreleased
# product are all in the prompt.
prompt = "Our new product 'SecretProject' launches in March with features X, Y, Z..."
# ✅ SAFER: the generic form of the question reveals none of them.
prompt = "How to plan a product launch for a B2B SaaS tool?"
Sanitization helpers
import re
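class DataSanitizer:
    """Best-effort, regex-based redaction of common secret and PII formats.

    Each entry in ``PATTERNS`` maps a category name to a regular expression.
    ``sanitize`` replaces every match with ``[REDACTED_<NAME>]`` and ``check``
    reports which categories occur in a text.

    Matching is purely syntactic. Values without a recognisable format
    (personal names, diagnoses, passwords outside a URL, business figures)
    are not detected, and the numeric patterns can also hit harmless text
    such as dotted version strings. Treat this as a safety net, not as a
    replacement for keeping such data out of prompts.
    """

    # sanitize() applies the patterns in insertion order. The two multi-part
    # patterns come first so that a PEM block or a ``user:password@`` prefix
    # is removed as a whole before the narrower patterns see its fragments.
    PATTERNS = {
        # PEM private-key block. If the END marker is missing (truncated
        # paste) the match runs to the end of the text, failing closed.
        'private_key': (
            r'(?s)-----BEGIN [A-Z0-9 ]*PRIVATE KEY-----.*?'
            r'(?:-----END [A-Z0-9 ]*PRIVATE KEY-----|\Z)'
        ),
        # ``scheme://user:password@`` prefix of a URL or connection string.
        # The lookahead skips a bracketed upper-case placeholder such as
        # ``[PASSWORD]`` so already-sanitized text is not flagged again.
        'url_credentials': (
            r'\b[A-Za-z][A-Za-z0-9+.-]*://[^\s/:@]+:'
            r'(?!\[[A-Z_]+\]@)[^\s/@]+@'
        ),
        # Was ``[A-Z|a-z]``: inside a character class ``|`` is a literal
        # pipe, so the redaction could swallow text after the address.
        'email': r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b',
        'phone': r'\b\d{3}[-.]?\d{3}[-.]?\d{4}\b',
        'ssn': r'\b\d{3}-\d{2}-\d{4}\b',
        'credit_card': r'\b\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}\b',
        # ``sk-`` keys may contain ``-`` and ``_`` (for example the
        # ``sk-ant-api03-...`` shape), which the alphanumeric-only class
        # missed. The other prefixes stay alphanumeric-only so ordinary
        # snake_case identifiers are not redacted.
        'api_key': (
            r'\b(?:sk-[A-Za-z0-9_-]{20,}'
            r'|(?:api_|key_|token_)[a-zA-Z0-9]{20,}\b)'
        ),
        'ip_address': r'\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b',
    }

    @classmethod
    def sanitize(cls, text: str) -> str:
        """Return *text* with every pattern match replaced by a category tag.

        The tag is ``[REDACTED_<NAME>]`` where ``<NAME>`` is the upper-cased
        key from ``PATTERNS``.
        """
        for name, pattern in cls.PATTERNS.items():
            text = re.sub(pattern, f'[REDACTED_{name.upper()}]', text)
        return text

    @classmethod
    def check(cls, text: str) -> list:
        """Return the category names whose pattern occurs in *text*.

        Every pattern is tested against the unmodified text, so one value can
        be reported under more than one category. Only names are returned,
        never the matched values.
        """
        return [
            name
            for name, pattern in cls.PATTERNS.items()
            if re.search(pattern, text)
        ]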
# Usage: both the e-mail address and the phone number match a pattern and
# are replaced by their category tag.
text = "Contact john@company.com or call 555-123-4567"
sanitized = DataSanitizer.sanitize(text)
# "Contact [REDACTED_EMAIL] or call [REDACTED_PHONE]"
Pre-flight check
def safe_prompt(prompt: str) -> str:
    """Return *prompt* with any detected sensitive values redacted.

    When ``DataSanitizer.check`` reports at least one category, a warning
    naming the categories (not the matched values) is printed and the
    sanitized text is returned. Otherwise the prompt is returned unchanged.
    Detection is limited to the formats ``DataSanitizer`` knows about, so a
    prompt that passes silently is not thereby proven free of secrets.
    """
    detected = DataSanitizer.check(prompt)
    if not detected:
        return prompt

    print(f"⚠️ WARNING: Found sensitive data: {detected}")
    print("Sanitizing before sending...")
    return DataSanitizer.sanitize(prompt)
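# Applied automatically in a client wrapper
class SafeClaudeClient:
    """Wrapper that runs ``safe_prompt`` over outgoing text before the API call.

    Covered: the ``system`` argument and every message ``content``, whether
    given as a plain string or as a list of ``{"type": "text", ...}`` blocks.
    Not covered: any other block type (images, documents, tool results),
    which is forwarded unchanged.

    NOTE(review): ``Anthropic`` is used but its import is not shown on this
    page; presumably ``from anthropic import Anthropic``.
    """

    def __init__(self):
        self.client = Anthropic()

    def messages_create(self, **kwargs):
        """Sanitize outgoing text, then forward to ``client.messages.create``.

        Message dicts and text blocks are rewritten in place, so a history
        list kept by the caller holds the redacted text afterwards.
        """
        # The string-only check let two routes bypass redaction: the system
        # prompt and content supplied as a list of blocks.
        if 'system' in kwargs:
            kwargs['system'] = self._sanitize_content(kwargs['system'])
        if 'messages' in kwargs:
            for msg in kwargs['messages']:
                content = msg.get('content')
                if isinstance(content, (str, list)):
                    msg['content'] = self._sanitize_content(content)
        return self.client.messages.create(**kwargs)

    @staticmethod
    def _sanitize_content(content):
        """Redact a string, or the text blocks of a list; pass others through."""
        if isinstance(content, str):
            return safe_prompt(content)
        if isinstance(content, list):
            for block in content:
                if (
                    isinstance(block, dict)
                    and block.get('type') == 'text'
                    and isinstance(block.get('text'), str)
                ):
                    block['text'] = safe_prompt(block['text'])
        return content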
Bezpečnost dat je základ důvěryhodného AI systému.