Summary
PII classifier (src/classifier.ts:210-224) boosts confidence based on global context word presence. Attacker can evade detection by omitting context words — e.g., an SSN without "ssn" or "social" nearby stays below 0.5 confidence threshold.
Fix
Increase base confidence for high-sensitivity patterns (SSN, credit card). Consider standalone detection without context boost requirement.
Summary
PII classifier (src/classifier.ts:210-224) boosts confidence based on global context word presence. Attacker can evade detection by omitting context words — e.g., an SSN without "ssn" or "social" nearby stays below 0.5 confidence threshold.
Fix
Increase base confidence for high-sensitivity patterns (SSN, credit card). Consider standalone detection without context boost requirement.