Inspiration
Working in cybersecurity, I frequently encountered a "productivity vs. security" trade-off that left organizations hesitant to adopt modern AI. Users want the reasoning capabilities of models like Gemini, but the risk of leaking Personally Identifiable Information (PII) into third-party logs remains a significant barrier. This inspired me to create Mnemosyne, a "Security-First AI Gateway" that ensures users can leverage LLMs without compromising data privacy.
What it does
Mnemosyne acts as a protective layer between the user and the AI. It features an automated redaction engine that scrubs sensitive data from transcripts before they ever touch an external API. The platform provides a secure dashboard for AI interaction, enterprise-grade authentication, and structured audit logging, making AI "memory" a powerful asset rather than a security liability.
How we built it
The project is built on a decoupled architecture using React and Vite for a responsive frontend and Node.js with Express for a "Secure by Design" backend. I integrated the Google Gemini API for intelligence while implementing OIDC/JWKS verification and role-based access control for security. The entire environment is containerized with Docker and utilizes a CI/CD pipeline for automated testing and deployment.
Challenges we ran into
The most significant challenge was maintaining "Context Integrity"—ensuring the LLM still understands the user's intent after data is masked. Balancing 100% PII redaction with semantic clarity required rigorous iterative testing. Additionally, architecting the system to handle high-intensity processing while maintaining low latency was a complex hurdle during the development of the redaction pipeline.
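One way to keep a masked transcript intelligible to the model, shown as an added example (not Mnemosyne's own code): each detected value becomes a typed placeholder that stays stable within the transcript, and the mapping never leaves the gateway. The regex patterns and the names `redact`, `restore` and `leaks` are assumptions for illustration; names and free-text identifiers would need an NER step that is not shown.

```javascript
// Illustrative patterns only (assumption): email, US SSN, 10-digit phone.
const PATTERNS = [
  ["EMAIL", /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g],
  ["SSN", /\b\d{3}-\d{2}-\d{4}\b/g],
  ["PHONE", /\b\d{3}[ .-]\d{3}[ .-]\d{4}\b/g],
];

// Replace each match with a typed token such as [EMAIL_1]. The same value
// always maps to the same token, so the model can still follow references.
function redact(text) {
  const byValue = new Map(); // "LABEL:value" -> token
  const byToken = new Map(); // token -> original value (kept server-side)
  const counters = {};
  let redacted = text;
  for (const [label, re] of PATTERNS) {
    redacted = redacted.replace(re, (match) => {
      const key = `${label}:${match.toLowerCase()}`;
      if (!byValue.has(key)) {
        counters[label] = (counters[label] || 0) + 1;
        const token = `[${label}_${counters[label]}]`;
        byValue.set(key, token);
        byToken.set(token, match);
      }
      return byValue.get(key);
    });
  }
  return { redacted, byToken };
}

// Put original values back into the model's reply, inside the trust boundary.
function restore(text, byToken) {
  return text.replace(/\[[A-Z]+_\d+\]/g, (t) => (byToken.has(t) ? byToken.get(t) : t));
}

// Fail-closed check before the outbound call: true if any pattern still matches.
function leaks(text) {
  return PATTERNS.some(([, re]) => text.search(re) !== -1);
}

// Constructed sample transcript and model reply.
const sample = "Alice (alice@example.com) called from 555-201-3344. " +
  "Email alice@example.com again; Bob is bob@example.org. SSN 123-45-6789.";
const { redacted, byToken } = redact(sample);
if (leaks(redacted)) throw new Error("refusing to forward: PII pattern survived");
console.log(redacted);
console.log(restore("Reply to [EMAIL_2] and call [PHONE_1].", byToken));
```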
Accomplishments that we're proud of
I am particularly proud of successfully implementing a production-ready security baseline that includes JWT-ready authentication and strict API hardening (CORS allow-lists, rate limiting, and security headers). Achieving a seamless flow where data is scrubbed in real-time without degrading the user experience was a major technical win for the project.
What we learned
This project deepened my expertise in defense-in-depth principles and the nuances of RAG (Retrieval-Augmented Generation) architectures. I learned the vital importance of observability through structured audit trails and gained hands-on experience in moving a high-security application from a local prototype to a containerized, enterprise-ready solution.
What's next for Mnemosyne
The next steps involve refining the platform for government and public-sector readiness. This includes routing logs to immutable storage for legal holds, integrating managed key rotation, and performing extensive threat modeling. I also plan to add SAST/DAST scanning to the CI/CD pipeline to further validate compliance with frameworks like HIPAA and SOC 2.
Built With
- dockerized
- enterprise-grade
- express.js
- gemini
- node.js
- oidc
- oidc/jwks-authentication
- pii
- react