Tracking Sensitive Information With Taskless
Taskless makes it possible to track, triage, and remediate sensitive information leaks in your application without needing to manually instrument every outbound call your application makes.
What is Taskless?
Taskless helps developers instrument the network calls their applications make, regardless of the APIs and SDKs used. It's compatible with existing telemetry and logging solutions, giving you a faster route to better logs.
Quick Start
Install Taskless
In your project root, run the following command to install the Taskless Client:
npm install @taskless/loader
pnpm add @taskless/loader
yarn add @taskless/loader
Install The Pack
You can install the PII Pack with the following command:
npx @taskless/pack install https://github.com/taskless/pack-pii/releases/download/v0.0.5/pack.tgz
pnpx @taskless/pack install https://github.com/taskless/pack-pii/releases/download/v0.0.5/pack.tgz
yarn dlx @taskless/pack install https://github.com/taskless/pack-pii/releases/download/v0.0.5/pack.tgz
Modify Your “Start” Command
All that’s left is to update your app’s start command:
{
  "name": "my-next-js-app",
  "scripts": {
    "dev": "next dev",
    "build": "next build",
    "start": "NODE_OPTIONS=\"--import=@taskless/loader\" next start"
  }
}

{
  "name": "my-nest-app",
  "scripts": {
    "dev": "nest dev",
    "build": "nest build",
    "start": "NODE_OPTIONS='--import=@taskless/loader' nest start"
  }
}

{
  "name": "my-express-app",
  "scripts": {
    "start": "node --import=@taskless/loader server.js"
  }
}

{
  "name": "my-hono-app",
  "scripts": {
    "dev": "tsx watch src/index.ts",
    "build": "tsc",
    "start": "node --import=@taskless/loader dist/index.js"
  }
}

{
  "name": "my-react-router-app",
  "scripts": {
    "build": "react-router build",
    "dev": "react-router dev",
    "start": "NODE_OPTIONS=\"--import=@taskless/loader\" react-router-serve ./build/server/index.js",
    "typecheck": "react-router typegen && tsc"
  }
}

{
  "name": "my-node-app",
  "scripts": {
    "start": "node --import=@taskless/loader server.js"
  }
}
Configuring the PII Pack
The following configuration fields are available for the PII detection pack.
If using the CLI, you can configure these in your Pack’s config.json inside the .taskless directory. If using Taskless Cloud, these can be configured via the Taskless Cloud dashboard.
Field Name | Type | Description | Default Value |
---|---|---|---|
domains | string[] | List of domains to apply PII checks to (empty = all domains) | [] |
emailAddressFields | string[] | Regex patterns for email detection in field names | Pre-configured patterns |
emailAddressValues | string[] | Regex patterns for email detection in values | Pre-configured patterns |
addressFields | string[] | Regex patterns for physical address detection in fields | Pre-configured patterns |
addressValues | string[] | Regex patterns for physical address detection in values | [] |
namesFields | string[] | Regex patterns for name detection in field names | Pre-configured patterns |
namesValues | string[] | Regex patterns for name detection in values | [] |
phoneNumberFields | string[] | Regex patterns for phone number detection in fields | Pre-configured patterns |
phoneNumberValues | string[] | Regex patterns for phone number detection in values | Pre-configured patterns |
idFields | string[] | Regex patterns for national ID detection in fields | Pre-configured patterns |
idValues | string[] | Regex patterns for national ID detection in values | Pre-configured patterns |
creditCardFields | string[] | Regex patterns for credit card detection in fields | Pre-configured patterns |
creditCardValues | string[] | Regex patterns for credit card detection in values | Pre-configured patterns |
birthdateFields | string[] | Regex patterns for birthdate detection in fields | Pre-configured patterns |
birthdateValues | string[] | Regex patterns for birthdate detection in values | Pre-configured patterns |
ipAddressFields | string[] | Regex patterns for IP address detection in fields | Pre-configured patterns |
ipAddressValues | string[] | Regex patterns for IP address detection in values | Pre-configured patterns |
additionalFields | string[] | Custom regex patterns for additional PII field detection | [] |
additionalValues | string[] | Custom regex patterns for additional PII value detection | [] |
For the complete configuration reference and advanced use cases, visit the pack-pii documentation.
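To try custom patterns before adding them to `additionalFields` or `additionalValues`, the sketch below applies the semantics documented in the table (domain scoping, field-name patterns, value patterns) to a constructed request body. It is an added example, not Taskless or pack-pii code; exact-hostname matching for `domains`, case-insensitive regexes, and the `loyalty_id` patterns are assumptions made for illustration.

```javascript
// Added example: not Taskless or pack-pii code. It mimics the documented
// semantics (domains, *Fields, *Values) so patterns can be tried offline.
const config = {                          // constructed sample config
  domains: ["api.example.com"],           // empty array = all domains
  additionalFields: ["^loyalty[_-]?id$"], // hypothetical field-name pattern
  additionalValues: ["^LY-\\d{8}$"],      // hypothetical value pattern
};

// Compile up front; an invalid pattern throws here rather than at runtime.
function compile(patterns) {
  return patterns.map((p) => new RegExp(p, "i")); // "i" flag is an assumption
}

// Assumption: a domain entry must equal the request hostname exactly.
function inScope(cfg, hostname) {
  return cfg.domains.length === 0 || cfg.domains.includes(hostname);
}

// Walk a parsed JSON body and report which paths hit a field-name or value
// pattern. Only the path and match kind are returned, never the value.
function findHits(cfg, hostname, body) {
  if (!inScope(cfg, hostname)) return [];
  const fieldRes = compile(cfg.additionalFields);
  const valueRes = compile(cfg.additionalValues);
  const hits = [];
  const walk = (node, path) => {
    if (node !== null && typeof node === "object") {
      for (const [key, child] of Object.entries(node)) {
        const childPath = path ? `${path}.${key}` : key;
        if (fieldRes.some((re) => re.test(key))) {
          hits.push({ path: childPath, kind: "field" });
        }
        walk(child, childPath);
      }
    } else if (typeof node === "string" && valueRes.some((re) => re.test(node))) {
      hits.push({ path, kind: "value" });
    }
  };
  walk(body, "");
  return hits;
}

// Constructed outbound request body.
const sampleBody = {
  user: { loyalty_id: "LY-12345678", note: "hello" },
  refs: ["LY-87654321", "n/a"],
};
console.log(findHits(config, "api.example.com", sampleBody));
```

Patterns are JSON strings, so backslashes must be doubled (`\\d`) when copied into a config file.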
Default Charts
The PII pack automatically generates the following visualization charts in Taskless Cloud:
- none - we are still working on the optimal defaults to show PII-related issues
Do I need any additional infrastructure?
No, Taskless is designed to work inside your existing application context.
This way you don’t have to figure out Kubernetes, create Lambda sidecars, or
stand up additional machines.
What is the performance overhead of Taskless?
Taskless tries to do as much as possible asynchronously and locally to minimize the performance impact
on your app. The WebAssembly overhead is typically less than 1ms.
When your application starts and you are using Taskless Cloud for requests (via an API key), your configuration will be downloaded from the Taskless Cloud if it isn’t already cached. The overhead of this request is typically 100-200ms.
What happens if Taskless is unavailable?
When your configuration and integrations are running locally, Taskless will continue to function even if the service isn’t available.
If you are retrieving or sending data to Taskless Cloud, Taskless takes a “fail open” approach. This means that our default behavior is to let requests fall through to your application’s built-in network requests.
Does Taskless transmit any sensitive data?
No. Taskless only captures the metadata; for example, “you send emails to
domain XYZ”. Because of the sandbox all Packs run in, Taskless cannot access
server secrets, make web requests, or access any sensitive data in your
application context.