From 85e5e44c83ccf6923d35284b41e70ecd257a64ad Mon Sep 17 00:00:00 2001
From: Dinzeyi2 <133053311+Dinzeyi2@users.noreply.github.com>
Date: Tue, 12 May 2026 15:00:27 -0400
Subject: [PATCH] AI Agent Privacy Notice

---
 README.md | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/README.md b/README.md
index 5d2958dc8a..bac12c4b04 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,36 @@
+Secure your agents at: CodeAstra.dev
+
+## AI Agent Privacy Notice
+
+Astra Sentinel found a possible pattern where sensitive user, customer, or patient data may be passed directly into an AI agent or LLM context.
+
+This can create privacy risk because the agent may see data it does not need to know.
+
+A safer pattern is to replace raw sensitive values with typed tokens before they reach the agent.
+
+Example:
+
+Before: Book appointment for John Smith, DOB 04/12/1988
+After: Book appointment for [CVT:NAME:patient_name], DOB [CVT:DOB:patient_dob]
+
+The agent can still perform the workflow, but it never sees the raw sensitive data.
+
+Detected pattern examples:
+```json
+[
+  {
+    "pattern": "unprotected_ai_context",
+    "evidence": "custom_create_sql_agent(llm=llm, verbose=true, toolkit=customsqldatabasetoolkit(llm=llm, db=db), agent_type=agenttype.zero_shot_react_description, agent_executor_kwargs={'return_intermediate_steps': true})"
+  }
+]
+```
+
+This notice was generated from a privacy scan. Please review before merging.
+
+Secure your agents at: CodeAstra.dev
+
+---
+
 # Generative AI Components (GenAIComps)
 
 **Build Enterprise-grade Generative AI Applications with Microservice Architecture**