Skip to content
AI-Guardian
Book a demo
Platform

The browser extension — your Zero-Trust layer for generative AI

Install once. Every prompt your team writes on ChatGPT, Claude, Gemini, Copilot, and Perplexity is inspected, classified, and governed before the model sees it.

On-device detection

Every prompt is scanned locally against an internationalised rule set — PII, financial identifiers, secrets, file paths — before the send button fires.

Frictionless redaction

One click replaces sensitive spans with deterministic placeholders or synthetic data, so the model keeps its usefulness without ever seeing the truth.

Zero content egress

We never transmit the original prompt text. Only anonymised detection metadata (category, severity, platform) leaves the browser, and only for the audit log.

Transparent blocking

High-severity findings open a native-looking modal with the exact category, the legal framework (GDPR / HIPAA / SOC 2), and a clear choice for the user.

Theme-aware UI

The modal and popup adapt to the host site's dark or light theme via CSS variables and a MutationObserver, so it always feels native — never bolted-on.

Multi-regional coverage

Out-of-the-box detection for EU, US, and global identifiers, with regional toggles for teams that need stricter or looser matching per market.

How it works

The extension ships a content script, a hardened background service worker, and a popup. The content script is the sensor: on every supported platform it listens for the send action, runs the prompt through an on-device rule engine, and decides whether to allow, redact, or block.

The background worker is the governor: it is the only code path that talks to the AI-Guardian backend. It receives anonymised telemetry from the content script, enriches it with tenant identifiers, and sends it to a security definerSupabase RPC. The popup is the interface: it shows the current session's Privacy Score, the premium unlock status, and lets the user toggle rule sets per region.

Security posture

  • Manifest V3 with an explicit minimum-viable host-permission list — no unrelated sites are touched.
  • All backend writes go through stored procedures with row-level security; the extension never holds raw service-role keys.
  • The UI is rendered in a Shadow DOM, isolating styles and attribute access from the host page.
  • Updates are signed by the Chrome Web Store; rule sets are versioned and recorded in the audit log.

Coverage

Today we protect ChatGPT (chat.openai.com), Claude (claude.ai), Gemini (gemini.google.com), Perplexity, and Copilot Chat. New platforms are added monthly; Enterprise customers can request priority coverage for internal deployments during onboarding.

Add to Chrome — freeTalk to security engineering