API & CI/CD integration

Scan text for PII. Returns detected entities (names, emails, phone numbers, addresses, SSNs) with byte offsets and confidence scores.

curl -X POST https://api.clawpine.com/v1/pii/scan \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "Contact John at john@example.com", "sensitivity": "high"}'

Redact PII from text. Returns sanitized text with PII replaced by category tokens (e.g., [NAME], [EMAIL]). Configurable sensitivity levels.

curl -X POST https://api.clawpine.com/v1/pii/redact \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "Contact John at john@example.com", "mode": "replace"}'

List active PII detection rules for your organization. Includes built-in rules and custom patterns.

curl https://api.clawpine.com/v1/pii/rules \
  -H "Authorization: Bearer YOUR_API_KEY"

Query audit logs with filters. Supports date range, agent ID, action type, user, and compliance profile. Paginated with cursor-based navigation.

curl "https://api.clawpine.com/v1/audit/logs?agent_id=agent_01&from=2026-03-01&to=2026-03-25&limit=100" \
  -H "Authorization: Bearer YOUR_API_KEY"

Get a single audit log entry with full detail including data categories processed, PII detections, and compliance profile applied.

curl https://api.clawpine.com/v1/audit/logs/log_abc123 \
  -H "Authorization: Bearer YOUR_API_KEY"

Export audit logs as CSV or JSON for a date range. Returns a signed download URL. Useful for regulator requests and compliance reporting.

curl -X POST https://api.clawpine.com/v1/audit/export \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"from": "2026-01-01", "to": "2026-03-25", "format": "csv"}'

Verify tamper-proof integrity of an audit log entry. Returns cryptographic proof and chain verification status.

curl https://api.clawpine.com/v1/audit/verify/log_abc123 \
  -H "Authorization: Bearer YOUR_API_KEY"

GitHub Actions

Run PII scanning as a CI check on every pull request. Fails the build if agent configs contain hardcoded PII.

# .github/workflows/clawpine-scan.yml
name: ClawPine PII Scan
on: [pull_request]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install ClawPine CLI
        run: npm install -g @clawpine/cli
      - name: Scan for PII
        run: clawpine scan ./agents --sensitivity high --fail-on-detect
        env:
          CLAWPINE_API_KEY: ${{ secrets.CLAWPINE_API_KEY }}

GitLab CI

Integrate ClawPine into your GitLab pipeline with audit log verification after deployment.

# .gitlab-ci.yml
clawpine-scan:
  stage: test
  image: node:20
  script:
    - npm install -g @clawpine/cli
    - clawpine scan ./agents --sensitivity high --fail-on-detect
  variables:
    CLAWPINE_API_KEY: $CLAWPINE_API_KEY

clawpine-verify:
  stage: deploy
  script:
    - clawpine audit verify --since "1 hour ago" --exit-code

CLI usage

The ClawPine CLI wraps all API endpoints for local development and scripting.

# Install
npm install -g @clawpine/cli

# Authenticate
clawpine auth login

# Scan a file for PII
clawpine scan ./soul.md --sensitivity high

# Query recent audit logs
clawpine audit logs --agent agent_01 --last 24h

# Export audit logs for compliance
clawpine audit export --from 2026-01-01 --format csv -o audit.csv

# Verify log integrity
clawpine audit verify --all --since "7 days ago"