Developers

Token Counter & PII Scanner

A client-side demo of the same prompt-and-secret screening SchneeAI runs before your request hits any provider. Paste text, watch the scan, then route the count to the cost calculator.

Paste anything below. The counter updates in real time, and the scanner highlights anything that looks like personally identifiable information or a secret. Nothing leaves your browser — this is a local demo of the patterns SchneeAI checks server-side before forwarding a call.

What the tool does

  • Token estimate — counts ASCII, CJK, and other characters and weights them (English ≈ 4 chars/token, Japanese ≈ 1.5 chars/token). This is ±20%; for exact counts, use each provider’s official tokenizer.
  • PII / secret scan — checks against 13 categories SchneeAI’s runtime scanner supports. The full production scanner covers 17 (adds mynumber_jp with check digit, pem private keys, IPv6, connection strings, US SSN with validation).
  • Cost Calculator hand-off — once you have a token count, send it to the Cost Calculator to price the request.

The 17 categories SchneeAI scans at runtime

CategorySeverityPre-call action
emailwarningmask or flag
phone_jp / phone_e164warningmask or flag
credit_card (+Luhn)criticalblock
ipv4 / ipv6infoflag
aws_access_keycriticalblock
openai_api_keycriticalblock
anthropic_api_keycriticalblock
google_api_keycriticalblock
stripe_keycriticalblock
slack_tokencriticalblock
jwtcriticalblock
mynumber_jp (+check digit)criticalblock
ssn_uscriticalblock
pem_private_keycriticalblock
connection_stringcriticalblock

Severity drives what happens: critical findings block the call before it leaves the boundary; warning findings can be masked, flagged, or passed through; info findings are recorded but do not interrupt. Policies are configurable per service and per tenant.

Try these

  • An email like [email protected]
  • A phone number like 090-1234-5678
  • A realistic test JWT: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.SflKxwRJSMeKKF2QT4fwpXqz
  • A Stripe test key: sk_test_4eC39HqLyjWDarjtT1zdp7dc

The scanner runs in your browser. None of these values are sent to SchneeAI or any other server.

What SchneeAI adds beyond the demo

The demo answers “would my text get flagged?”. The platform adds:

  • Pre-call enforcement — critical findings block the request before it reaches the provider, not just warn after.
  • Configurable policy — mask, flag, or block per category, per tenant, per feature.
  • Vault retention — every finding is stored as structured metadata alongside the encrypted raw request, with retention windows per data class.
  • Audit trail — who saw what, when, with what justification, available for compliance review.

See the PII scanning in production blog post for the design rationale.

Tokens (est.)0
Characters0
Words0
CJK chars0

No PII or secret patterns detected.