
ace-ai


ACE SDK for generating synthetic data and ensuring security and compliance with PII and HIPAA regulations. Includes MCP server protection.

198 lines (168 loc) • 8.46 kB
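// Healthcare AI Chatbot Demo using ACE SDK
// This demo showcases how the ACE SDK protects against security risks in a
// healthcare AI application.
//
// Every message passed in by the demo calls at the bottom of this file is a
// constructed sample value.
//
// NOTE(review): each check below is delegated to the SDK client. How the
// detectors decide is not visible from this file, so treat a passing result as
// one screening layer, not as proof that no secret or PHI is present.

const ace = require('./');

// Initialize the ACE SDK client
const client = new ace.Client();

/**
 * Run one chat message through the demo's five screening steps and, if none of
 * them blocks it, hand the (possibly sanitized) text to the mock LLM.
 *
 * Raw input is never written to the console: the message is logged by length
 * only and userData by field count, because console output usually ends up in
 * log storage that is not approved for credentials or PHI. Only text returned
 * by the SDK's sanitizers is echoed.
 *
 * NOTE(review): steps 1, 3, 4 and 5 inspect only `message`. `userData` is seen
 * only by protectMCPHost in step 2 - confirm that covers it before placing
 * sensitive fields there.
 *
 * @param {string} message - Untrusted user text.
 * @param {object} [userData={}] - Extra request data forwarded to the host check.
 * @param {string} [destinationCountry='US'] - Destination passed to the residency check.
 * @returns {{status: string, reason?: string, response?: string}}
 *   `{ status: 'blocked', reason }` when a step rejects the input, otherwise
 *   `{ status: 'success', response }`.
 */
function processHealthcareChat(message, userData = {}, destinationCountry = 'US') {
  console.log('\n=== Healthcare AI Chatbot Processing ===');

  // Fail closed on non-string input instead of passing it to the detectors.
  if (typeof message !== 'string') {
    console.log('🚨 VALIDATION ERROR: User message must be a string.');
    return { status: 'blocked', reason: 'invalid_input' };
  }

  console.log(`User Message: [${message.length} characters, content withheld from logs]`);
  console.log(`User Data: [${Object.keys(userData ?? {}).length} field(s), values withheld from logs]\n`);

  // 1. Password and Secret Detection
  console.log('--- 1. Password and Secret Detection ---');
  if (client.scanForSecrets(message)) {
    console.log('🚨 SECURITY ALERT: Secrets/passwords detected in user input!');
    console.log('❌ Blocking processing to prevent credential leakage.');
    return { status: 'blocked', reason: 'secrets_detected' };
  }
  console.log('✅ No secrets detected in user input.');

  // 2. Client/Host App Layer Protection
  console.log('\n--- 2. Client/Host App Layer Protection ---');
  const request = { message, userData };
  if (!client.protectMCPHost(request)) {
    console.log('🚨 SECURITY ALERT: Unsafe request detected!');
    console.log('❌ Blocking request to protect host application.');
    return { status: 'blocked', reason: 'unsafe_request' };
  }
  console.log('✅ Request passed host protection checks.');

  // 3. PII/HIPAA Data Handling
  console.log('\n--- 3. PII/HIPAA Data Handling ---');
  // Work on a local copy so the caller-supplied parameter is never reassigned.
  let safeMessage = message;
  const hasPII = client.containsPII(message);
  const hasHIPAA = client.containsHIPAA(message);
  if (hasPII || hasHIPAA) {
    console.log('⚠️ PII/HIPAA data detected in user input.');
    console.log('🔄 Sanitizing data before further processing...');
    safeMessage = client.sanitizeText(message);
    // The original text is deliberately not printed here: it is the text that
    // was just flagged as containing PII/PHI.
    console.log(`✅ Sanitized message: "${safeMessage}"`);
  } else {
    console.log('✅ No PII/HIPAA data detected in user input.');
  }

  // 4. US Data Residency Enforcement
  console.log('\n--- 4. US Data Residency Enforcement ---');
  // Simulate sending data to a remote service. This check runs on the
  // sanitized text from step 3, not on the raw input.
  const canSendData = client.ensureUSDataResidency(safeMessage, destinationCountry);
  if (!canSendData) {
    console.log(`🚨 DATA RESIDENCY VIOLATION: Attempting to send HIPAA data to ${destinationCountry}!`);
    console.log('❌ Blocking data transfer to maintain compliance.');
    return { status: 'blocked', reason: 'data_residency_violation' };
  }
  if (destinationCountry !== 'US' && client.containsHIPAA(safeMessage)) {
    console.log('⚠️ HIPAA data would be blocked from leaving the US, but destination is compliant.');
  } else if (destinationCountry === 'US') {
    console.log('✅ Destination is US, data residency requirements satisfied.');
  } else {
    console.log('✅ No HIPAA data detected, no residency restrictions apply.');
  }

  // 5. Prevention of Sensitive Data Passing to LLMs
  console.log('\n--- 5. Prevention of Sensitive Data Passing to LLMs ---');
  const llmValidation = client.validateDataBeforeLLM(safeMessage);
  if (!llmValidation.isValid) {
    console.log('🚨 VALIDATION ERROR: Invalid data for LLM processing!');
    console.log(`❌ Error: ${llmValidation.error}`);
    return { status: 'blocked', reason: 'invalid_llm_data' };
  }

  if (llmValidation.warning) {
    // A warning means the validator replaced the text. If the replacement is
    // missing, block rather than fall back to the unsanitized message.
    if (typeof llmValidation.sanitizedData !== 'string') {
      console.log('🚨 VALIDATION ERROR: Invalid data for LLM processing!');
      console.log('❌ Error: validator reported a warning without sanitized data');
      return { status: 'blocked', reason: 'invalid_llm_data' };
    }
    console.log(`⚠️ ${llmValidation.warning}`);
    console.log('✅ Data has been sanitized before sending to LLM.');
    console.log(`📝 Sanitized data: "${llmValidation.sanitizedData}"`);
    safeMessage = llmValidation.sanitizedData; // Use sanitized data for LLM processing
  } else {
    console.log('✅ Data validated successfully for LLM processing.');
  }

  // Simulate LLM processing with protected data
  console.log('\n🤖 Simulating LLM Response Generation...');
  const llmResponse = generateLLMResponse(safeMessage);
  console.log(`💬 LLM Response: "${llmResponse}"`);

  return { status: 'success', response: llmResponse };
}

/**
 * Simple mock that stands in for an LLM call.
 * In a real implementation, this would call an actual LLM API.
 *
 * @param {string} input - Text that has already passed the screening steps.
 * @returns {string} One of five canned replies, chosen by input length.
 */
function generateLLMResponse(input) {
  const responses = [
    "I understand your concern. Let me provide some general information.",
    "Based on what you've shared, here's some helpful advice.",
    "Thank you for sharing that information. Here's what I recommend.",
    "I can help with that. Here's some relevant information.",
    "That's an important topic. Here's what you should know.",
  ];

  // Simple selection based on input length; a non-string input counts as empty
  // so the mock never throws on `.length`.
  const text = typeof input === 'string' ? input : '';
  return responses[text.length % responses.length];
}

// Run the demo
console.log('🏥 Healthcare AI Chatbot Security Demo');
console.log('========================================');

// Demo 1: Safe interaction
console.log('\n📝 Demo 1: Safe User Interaction');
processHealthcareChat("I'd like to know more about managing diabetes.");

// Demo 2: Password/Secret Detection (the credentials are constructed samples)
console.log('\n🔐 Demo 2: Password/Secret Detection');
processHealthcareChat("My password is supersecret123 and my API key is sk-abc123xyz789.");

// Demo 3: PII/HIPAA Data Handling
console.log('\n🛡️ Demo 3: PII/HIPAA Data Handling');
processHealthcareChat("I have a heart condition and take medication daily.");

// Demo 4: US Data Residency Enforcement
console.log('\n🇺🇸 Demo 4: US Data Residency Enforcement');
console.log('Testing with HIPAA data going to EU (should be blocked):');
const hipaaMessage = "Patient has diabetes and takes insulin.";
const canSendToEU = client.ensureUSDataResidency(hipaaMessage, 'EU');
if (!canSendToEU) {
  console.log('🚨 SIMULATED BLOCK: HIPAA data blocked from leaving the US to EU!');
} else {
  console.log('✅ Data can be sent to EU');
}

console.log('\nTesting with non-HIPAA data going to EU (should be allowed):');
const nonHipaaMessage = "I'd like to learn about nutrition.";
const canSendNonHIPAAToEU = client.ensureUSDataResidency(nonHipaaMessage, 'EU');
if (!canSendNonHIPAAToEU) {
  console.log('🚨 Data blocked from leaving the US');
} else {
  console.log('✅ Non-HIPAA data can be sent to EU');
}

// Demos 5 and 6 call protectMCPHost directly. The request bodies are fixed
// fixtures defined right here, so echoing them is safe; do not copy these
// echo lines into a path that handles real user input.

// Demo 5: Unsafe Host Request with Secrets
console.log('\n🛡️ Demo 5: Unsafe Host Request Protection (Secrets)');
const requestWithSecrets = {
  message: "Here is my database password: dbpassword123",
  userData: {},
};
console.log('\n=== Healthcare AI Chatbot Processing (Request with Secrets) ===');
console.log(`User Message: "${requestWithSecrets.message}"`);
console.log(`User Data: ${JSON.stringify(requestWithSecrets.userData)}\n`);

console.log('--- Client/Host App Layer Protection ---');
const isRequestSafe = client.protectMCPHost(requestWithSecrets);
if (!isRequestSafe) {
  console.log('🚨 SECURITY ALERT: Unsafe request detected!');
  console.log('❌ Blocking request to protect host application.');
} else {
  console.log('✅ Request passed host protection checks.');
}

// Demo 6: Unsafe Host Request with PII
console.log('\n🛡️ Demo 6: Unsafe Host Request Protection (PII)');
const requestWithPII = {
  message: "Patient info: John Doe, age 35",
  userData: {},
};
console.log('\n=== Healthcare AI Chatbot Processing (Request with PII) ===');
console.log(`User Message: "${requestWithPII.message}"`);
console.log(`User Data: ${JSON.stringify(requestWithPII.userData)}\n`);

console.log('--- Client/Host App Layer Protection ---');
const isRequestSafePII = client.protectMCPHost(requestWithPII);
if (!isRequestSafePII) {
  console.log('🚨 SECURITY ALERT: Unsafe request detected!');
  console.log('❌ Blocking request to protect host application.');
} else {
  console.log('✅ Request passed host protection checks.');
}

console.log('\n📋 Summary of ACE SDK Security Features:');
console.log('1. 🔐 Password and Secret Detection - Prevents credential leakage');
console.log('2. 🛡️ Client/Host App Protection - Validates incoming requests');
console.log('3. 🧼 PII/HIPAA Handling - Detects and sanitizes sensitive data');
console.log('4. 🇺🇸 US Data Residency - Ensures HIPAA data stays in the US');
console.log('5. 🤖 LLM Data Protection - Prevents sensitive data from reaching LLMs');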