What is Argument Masking?
Replacing sensitive argument values with masked versions in audit logs — for example, card_number: "****1234". Argument masking preserves auditability by recording that a value was present and partially what it contained, without persisting the full sensitive data.
WHY IT MATTERS
Audit logs are essential for governance — every tool call should be recorded. But tool calls frequently contain sensitive data: API keys, passwords, card numbers, personal identifiers. Logging these values verbatim creates a security liability — the audit log itself becomes a target.
Argument masking solves this by replacing sensitive values with partially redacted versions before writing to the log. A card number becomes ****1234. An API key becomes sk-****abcd. The log retains enough information for debugging and audit purposes — you can tell which card was used or which key was involved — without exposing the full secret.
Masking is a balance between security and utility. Too aggressive, and logs become useless for investigation. Too permissive, and sensitive data leaks. The standard approach is to preserve the last few characters (for identification) while replacing the rest with asterisks. Different fields may warrant different masking strategies.
HOW POLICYLAYER USES THIS
Intercept supports argument masking in YAML policies. Sensitive arguments can be tagged with masking rules that specify how the value should be partially redacted in audit logs. Intercept applies the mask before writing to the audit trail — the full value is never persisted. The tool call itself is forwarded to the MCP server with the original, unmasked value, ensuring functionality is not affected.