Implementation:Protectai Llm guard Deanonymize

Knowledge Sources	LLM Guard LLM Guard Documentation
Domains	NLP, Data_Privacy, Text_Processing
Last Updated	2026-02-14 12:00 GMT

Overview

Concrete tool for restoring anonymized placeholders in LLM outputs to their original values using vault-stored mappings, provided by the LLM Guard library.

Description

The Deanonymize class is an output scanner that reads (placeholder, original_value) tuples from a shared Vault and replaces placeholder occurrences in the LLM output with their original values. It supports four matching strategies via the MatchingStrategy enum: EXACT, CASE_INSENSITIVE, FUZZY, and COMBINED_EXACT_FUZZY.

Usage

Import this scanner when you need to restore PII in LLM outputs that were previously anonymized. Always use the same Vault instance that was used by the Anonymize input scanner.

Code Reference

Source Location

Repository: llm-guard
File: llm_guard/output_scanners/deanonymize.py
Lines: L118-152

Signature

class Deanonymize(Scanner):
    def __init__(
        self,
        vault: Vault,
        *,
        matching_strategy: MatchingStrategy | str = MatchingStrategy.EXACT,
    ) -> None:
        """
        Args:
            vault: Vault instance containing (placeholder, original) mappings.
            matching_strategy: Strategy for finding placeholders in output.
                Options: EXACT, CASE_INSENSITIVE, FUZZY, COMBINED_EXACT_FUZZY.
                Default: EXACT.
        """

    def scan(self, prompt: str, output: str) -> tuple[str, bool, float]:
        """
        Replace placeholders in output with original values from vault.

        Returns:
            - Deanonymized output text
            - Always True (deanonymization never fails)
            - Always -1.0 (no risk score applicable)
        """

Import

from llm_guard.output_scanners import Deanonymize
from llm_guard.output_scanners.deanonymize import MatchingStrategy
from llm_guard.vault import Vault

I/O Contract

Inputs

Name	Type	Required	Description
vault	Vault	Yes	Vault containing placeholder-to-original mappings from anonymization
matching_strategy	MatchingStrategy or str	No	How to find placeholders in output (default: EXACT)
prompt	str	Yes (scan method)	The anonymized prompt
output	str	Yes (scan method)	LLM output containing placeholders

Outputs

Name	Type	Description
deanonymized_output	str	Output with placeholders replaced by original values
is_valid	bool	Always True
risk_score	float	Always -1.0

Usage Examples

Basic Deanonymization

from llm_guard.output_scanners import Deanonymize
from llm_guard.vault import Vault

# Vault populated by prior Anonymize scan
vault = Vault(tuples=[
    ("[REDACTED_PERSON_1]", "John Smith"),
    ("[REDACTED_EMAIL_ADDRESS_1]", "john@example.com"),
])

scanner = Deanonymize(vault)

prompt = "My name is [REDACTED_PERSON_1]"
output = "Hello [REDACTED_PERSON_1], I've sent the info to [REDACTED_EMAIL_ADDRESS_1]."
restored, is_valid, score = scanner.scan(prompt, output)
# restored: "Hello John Smith, I've sent the info to john@example.com."

Fuzzy Matching

from llm_guard.output_scanners import Deanonymize
from llm_guard.output_scanners.deanonymize import MatchingStrategy
from llm_guard.vault import Vault

vault = Vault(tuples=[("[REDACTED_PERSON_1]", "John Smith")])
scanner = Deanonymize(vault, matching_strategy=MatchingStrategy.COMBINED_EXACT_FUZZY)

# LLM slightly modified the placeholder
output = "Hello [REDACTED_PERSO_1], your request is ready."
restored, _, _ = scanner.scan("...", output)
# Fuzzy matching catches the near-match and restores the original value

Related Pages

Implements Principle

Principle:Protectai_Llm_guard_PII_Deanonymization

Requires Environment

Environment:Protectai_Llm_guard_Python_Runtime_Dependencies

Page Connections

Double-click a node to navigate. Hold to expand connections.

Principle

Implementation

Heuristic

Environment