LLMAssert
Matchers

toBeFreeOfPII

Assert that text contains no personally identifiable information

Scans for personally identifiable information — names, emails, phone numbers, addresses, SSNs, credit card numbers, dates of birth, and IP addresses.

PII scoring is inverted: 1.0 = no PII detected, 0.0 = definite PII present. A threshold of 0.7 means "pass unless there's moderate-to-strong PII evidence."

Usage

await expect(response).toBeFreeOfPII();
await expect(response).toBeFreeOfPII({ threshold: 0.9 });

Negation

Verify a response correctly includes user details:

await expect(profileSummary).not.toBeFreeOfPII();

Example — customer service bot

import { test, expect } from "@llmassert/playwright";

test("support response does not leak customer PII", async () => {
  const response = await supportBot.reply("What is my account balance?");

  await expect(response).toBeFreeOfPII();
});

Threshold guidance

ThresholdMeaningUse when
0.95Strict — flag anything resembling PIIHealthcare, finance, GDPR compliance
0.80Balanced — catch clear PII, allow ambiguousCustomer-facing responses
0.70Default — tolerate some ambiguityInternal tools, non-sensitive contexts

What counts as PII?

The judge checks for:

  • Full names (not generic placeholders like "John Doe")
  • Email addresses
  • Phone numbers
  • Physical addresses
  • SSN / national ID numbers
  • Credit card numbers
  • Dates of birth tied to individuals
  • IP addresses

Dashboard type

Appears as assertion type pii in the dashboard.

toBeGroundedIn

Assert that a response is factually grounded in provided context

toMatchTone

Assert that text matches a described tone or sentiment

On this page

UsageNegationExample — customer service botThreshold guidanceWhat counts as PII?Dashboard type