Privacy-first Chrome and Edge extension that detects and blocks accidental data leaks (API keys, credentials, PII) before they reach AI chat platforms. Live on the Chrome Web Store.
Developers and non-technical users paste API keys, database connection strings and PII into ChatGPT or Claude without realising it. Existing answers were enterprise DLP suites or cloud services that themselves become a data exposure risk.
Built a Manifest V3 extension that intercepts text at the DOM level with a fetch monkey-patch fallback, then runs a local detection pipeline covering 26 pattern types: OpenAI, AWS, GitHub and Stripe keys, JWTs, credit cards with Luhn validation, and UK-specific PII including NINO and NHS numbers. Sub-50ms scan latency. Shadow DOM warning modal so host site CSS cannot break it.
Live on the Chrome Web Store covering ChatGPT and Claude.ai. 530+ false positive corpus samples, 8 Playwright E2E suites, Vitest unit coverage across the detection engine. Nothing leaves the browser: no network requests, no prompt storage.