What is AgentAnywhere Veil?

AgentAnywhere Veil is a data-masking and de-identification control for AI agents. It classifies PII, financial, and regulated data on every call and masks it — by reversible tokenization or irreversible redaction — before any model, embedding service, or tool sees the raw values. Veil deploys standalone or natively as part of the AgentAnywhere platform.

How does Veil mask data?

Veil classifies sensitive fields inline, then applies masking per field according to policy. Reversible tokenization replaces a value with a deterministic, format-preserving token that downstream systems can keep using; irreversible redaction removes the value entirely so it cannot be recovered. Enforcement happens inline at the Agent Universal Gateway, so raw data never egresses.

What is a Trust Receipt?

A Trust Receipt is Veil's audit artifact. Every mask and unmask is logged — who, what, under which policy, and when — then signed and versioned so it is tamper-evident. Trust Receipts can be exported as JSON and PDF for auditors.

Can Veil be deployed standalone?

Yes. Veil is designed to stand on its own in front of your existing agents and models, with its own masking rules and Trust Receipt audit trail — no platform migration required. It also integrates natively: Custodian defines policy, the Gateway enforces inline, Sovereign runs it air-gapped, and Observe keeps the log.

VEIL · DATA MASKING

Mask sensitive data before any agent or model sees it.

AgentAnywhere Veil is the data-masking and de-identification control for AI agents. It classifies PII, financial, and regulated data on every call and masks it — reversible tokenization or irreversible redaction — before a model ever sees the raw values. Deploy it standalone or natively in the platform, with every mask and unmask logged as a Trust Receipt.

FIG.18Veil Data-Masking Pipeline. Classify, mask by tokenization or redaction, enforce inline at the Gateway under policy from Custodian, and prove it with signed Trust Receipts — all under one governance plane.

Raw data should never reach the model.

Agents touch sensitive data on nearly every call — customer names and contacts, account and card numbers, health records, anything your regulators consider protected. The moment that data leaves your boundary for a model, an embedding service, or a tool, you have created an exposure you cannot take back.

Prompt redaction bolted on per application does not scale, and it cannot be audited. There is no single place to prove what was masked, what was sent in the clear, or who reversed a mask and why.

Veil makes masking a control, not a coding convention: one place that classifies sensitive fields, masks them before egress, and records the evidence.

Classify. Mask. Enforce. Prove.

Veil sits in the path of every agent call. It detects sensitive data, masks it according to policy, enforces that inline before anything leaves your boundary, and writes a signed record of what happened.

Classify

Detect PII, financial, and regulated fields inline, on every request — names, contacts, account and card numbers, health identifiers, and the fields your policies designate.

Mask

Apply reversible tokenization or irreversible redaction per field. Tokens are deterministic and format-preserving, so downstream systems keep working without ever seeing raw values.

Enforce

Masking is applied inline at the Gateway, under policy defined by Custodian — so raw data never egresses to a model, embedding service, or tool. Enforcement is not optional and not per-app.

Prove

Every mask and unmask is logged as a Trust Receipt — who, what, under which policy, when — signed and versioned, exportable for auditors.

Reversible when you need it back. Irreversible when you don't.

Masking is per field, by policy. Choose the mode that matches the data and the obligation — and prove which one was used.

Tokenize — reversible

Deterministic, format-preserving tokens stand in for raw values

Downstream joins, lookups, and analytics keep working on the tokens

Unmasking is policy-gated and itself logged as a Trust Receipt

For data you must be able to restore under a controlled, audited path

Redact — irreversible

The sensitive value is removed and cannot be recovered

Nothing to leak, subpoena, or reverse later

For data the model never needs and you never want to retain

The default for the most sensitive fields under the strictest policies

Buy it alone. Or let the platform run it.

Veil is the lightest first purchase and a hard RFP checkbox — it stands on its own. It also disappears into the platform, where the other modules give it policy, enforcement, and a deployment posture.

Standalone

Deploy Veil in front of your existing agents and models

Define masking rules and enforce them at your egress point

Trust Receipts give you the audit trail from day one

No platform migration required to satisfy the masking requirement

Platform-native

Custodian defines and governs the masking policy

The Agent Universal Gateway enforces it inline on every call

Sovereign runs the whole thing inside your boundary, air-gapped

Observe keeps the log; TrustFabric signs the Trust Receipts

Built for the controls your auditors ask about.

Data minimization and de-identification are expectations in every serious AI governance review. Veil gives you a defensible answer: sensitive data is masked before it leaves your boundary, and the evidence is signed.

Veil is aligned with RBI FREE-AI data-protection expectations. ShepHertz operates a control environment credentialed for SOC 2, ISO 27001, HIPAA, and GDPR. These are advisory alignments to inform your own assessment — not certifications of your deployment or binding regulatory claims.

FAQ

Frequently asked questions.

What is AgentAnywhere Veil?: AgentAnywhere Veil is a data-masking and de-identification control for AI agents. It classifies PII, financial, and regulated data on every call and masks it — by reversible tokenization or irreversible redaction — before any model, embedding service, or tool sees the raw values. Veil deploys standalone or natively as part of the AgentAnywhere platform.
How does Veil mask data?: Veil classifies sensitive fields inline, then applies masking per field according to policy. Reversible tokenization replaces a value with a deterministic, format-preserving token that downstream systems can keep using; irreversible redaction removes the value entirely so it cannot be recovered. Enforcement happens inline at the Agent Universal Gateway, so raw data never egresses.
What is a Trust Receipt?: A Trust Receipt is Veil's audit artifact. Every mask and unmask is logged — who, what, under which policy, and when — then signed and versioned so it is tamper-evident. Trust Receipts can be exported as JSON and PDF for auditors.
Can Veil be deployed standalone?: Yes. Veil is designed to stand on its own in front of your existing agents and models, with its own masking rules and Trust Receipt audit trail — no platform migration required. It also integrates natively: Custodian defines policy, the Gateway enforces inline, Sovereign runs it air-gapped, and Observe keeps the log.
Which compliance frameworks does Veil align with?: Veil is aligned with RBI FREE-AI data-protection expectations, and ShepHertz operates a control environment credentialed for SOC 2, ISO 27001, HIPAA, and GDPR. These are advisory alignments to inform your own assessment, not certifications of your deployment or binding regulatory claims.

Mask the data before it ever leaves your boundary.

Veil is the lightest way to close the data-exposure gap in your agent stack — standalone today, platform-native when you want Custodian policy and Gateway enforcement behind it. Tell us what your agents touch.

Request access Talk to our architects