> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rehydra.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Privacy tools for protecting sensitive data in code, terminals, and AI workflows

Rehydra is a privacy layer for working with sensitive text and secrets. It helps you detect protected values locally, replace them with safe placeholders, and restore them when you need the originals again.

<CardGroup cols={3}>
  <Card title="SDK" icon="code" href="/quickstart">
    Build privacy-preserving applications in Node.js, Bun, or the browser.
  </Card>

  <Card title="CLI Tool" icon="terminal" href="/guides/cli">
    Anonymize, inspect, and rehydrate text directly from the terminal.
  </Card>

  <Card title="OpenCode Plugin" icon="shield" href="/guides/opencode-plugin">
    Prevent coding agents from leaking PII and secrets to LLMs.
  </Card>
</CardGroup>

## Three Ways to Use Rehydra

### SDK

Use the `rehydra` package when you want privacy controls inside your application.

* Detect structured PII such as emails, phone numbers, credit cards, IPs, and URLs
* Add optional NER-based detection for names, organizations, and locations
* Encrypt original values for later rehydration
* Integrate with apps, services, agents, proxies, and streaming workflows

### CLI Tool

Use `@rehydra/cli` when you want to work with files or piped text without writing code.

* Anonymize text from files or stdin
* Inspect what would be detected before changing anything
* Rehydrate text using a saved encrypted PII map
* Fit Rehydra into shell scripts and local workflows

### OpenCode Plugin

Use `@rehydra/opencode` when you want OpenCode to automatically scrub PII and secrets before they are sent to an LLM.

* Auto-detect PII (emails, phones, credit cards) and secrets (API keys, JWTs, connection strings) in all messages
* Optionally scan `.env` files to catch exact secret values anywhere in text
* Restore original values before local tool execution
* Add privacy protection to agent workflows with minimal setup

## How Rehydra Works

<Steps>
  <Step title="Detect locally">
    Rehydra identifies sensitive values on your machine before they leave your environment.
  </Step>

  <Step title="Replace safely">
    It swaps originals for stable placeholders that downstream systems can handle safely.
  </Step>

  <Step title="Restore when needed">
    Rehydra can decrypt and rehydrate the original values in the right local context.
  </Step>
</Steps>

## What You Can Protect

<CardGroup cols={2}>
  <Card title="Structured PII" icon="at">
    Emails, phone numbers, IBANs, credit cards, IP addresses, URLs, and more.
  </Card>

  <Card title="Soft PII" icon="brain">
    Names, organizations, and locations with the optional NER model.
  </Card>

  <Card title="Secrets" icon="key">
    API keys, tokens, connection strings, and other environment-based credentials.
  </Card>

  <Card title="Encrypted Mappings" icon="lock">
    Original values are stored in encrypted form for later restoration.
  </Card>
</CardGroup>

## Start Here

<CardGroup cols={2}>
  <Card title="Choose a Product" icon="rocket" href="/quickstart">
    Start with the SDK, CLI, or OpenCode plugin.
  </Card>

  <Card title="Installation" icon="download" href="/installation">
    See install commands for each environment and package.
  </Card>

  <Card title="CLI Guide" icon="terminal" href="/guides/cli">
    Learn the terminal workflow and available commands.
  </Card>

  <Card title="OpenCode Plugin Guide" icon="shield" href="/guides/opencode-plugin">
    Set up automatic PII and secret scrubbing for OpenCode.
  </Card>
</CardGroup>
