ThreatVec Shadow AI

Extension · Privacy & Security

Overview

Discover shadow AI usage across 554 AI services, detect and block PII leakage, and enforce org policy on browser-based AI.

ThreatVec Shadow AI gives security teams visibility into the 554+ AI tools their employees use in the browser, and blocks accidental data leaks before they leave the page.

WHAT IT DOES

• Auto-discovers AI services visited in the browser across 554 named products in 24 categories — including the ChatGPT, Claude, Gemini, Perplexity, Copilot, Mistral, and DeepSeek web apps, AWS Bedrock, Azure OpenAI, plus coding assistants (Cursor, Codeium, Tabnine, Aider, v0), image generators (Midjourney, Firefly, Leonardo, Ideogram), agent frameworks (AutoGPT, Lindy, n8n), meeting AI (Otter, Fireflies, tl;dv), healthcare AI, legal AI, finance AI, and customer-service AI tools — and feeds an inventory back to your ThreatVec dashboard.
• Scans content typed into AI prompt fields for PII (email, SSN, credit-card, API keys, AWS keys, Anthropic/OpenAI keys, JWT tokens, internal hostnames, phone numbers, passwords). Detected leaks are blocked or masked client-side BEFORE the prompt is sent to the AI service, and a redacted record is logged to your ThreatVec audit trail.
• Enforces org policy: your security team can mark each AI service as sanctioned, restricted, or blocked, and choose per-PII-class actions (block / mask / warn / allow). The extension applies the policy at the browser, even on unmanaged personal AI accounts.
• Surfaces a per-user activity summary in the popup so end users understand which AI tools they've touched, what was blocked, and why.

WHAT IT DOES NOT DO

• It does NOT inject into or modify the behavior of any specific AI service (no ChatGPT-integration, no Copilot-augmentation — it observes browser traffic and acts only on outbound prompts the user is about to send).
• It does NOT send the content of prompts to ThreatVec servers. Only metadata (service name, time, PII-class fingerprint, action taken) is reported.

PERMISSIONS RATIONALE

• storage: persist per-user policy + activity log locally.
• tabs: detect which AI service is open in the active tab.
• alarms: periodic local sync of policy from the ThreatVec dashboard.
• host permissions (1,136 explicit URL patterns for 568 hostnames across 554 named AI services): every pattern is anchored to a documented AI tool in our public service registry at https://app.threatvec.com/ai-services-catalogue. Content scripts inject ONLY on these explicit hosts. The extension does NOT inject into or watch any non-AI sites the user visits.
• optional_host_permissions (https://*/*): NOT requested at install time. An admin can grant this at runtime ONLY for org-defined custom AI services (e.g. an internal in-house LLM at internal-chat.acme.com). Chrome prompts the user explicitly before any per-domain grant is added.

PRIVACY

• No prompt content leaves the browser.
• No PII leaves the browser (it is detected client-side and stripped before submission).
• Per-org pseudonymization with HMAC: even the "we saw a PII attempt" telemetry doesn't carry the raw user identifier.
• See https://threatvec.com/privacy for the full policy.

REQUIREMENTS

A ThreatVec account is required to receive policy + see telemetry in the dashboard. The extension works in passive-observe mode without an account but cannot enforce policy or report to a SOC. Sign up free at https://app.threatvec.com (180-day free trial).

Details

  • Version
    1.2.1
  • Updated
    May 23, 2026
  • Offered by
    Great Falls Ventures
  • Size
    69.19KiB
  • Languages
    English (United States)
  • Developer
    Email
    john@greatfallsventures.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

ThreatVec Shadow AI has disclosed the following information regarding the collection and usage of your data. More detailed information can be found in the developer's privacy policy.

ThreatVec Shadow AI handles the following:

Personally identifiable information
Web history
Website content

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes