PromptGnome

Detects sensitive information in your messages to AI chatbots and warns you before sending.

PromptGnome detects sensitive information in the messages you send to AI chatbots, warns you before the message leaves your browser, and optionally replaces private data with safe placeholders. All processing runs locally on your device. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ WHY IT EXISTS ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Every day, millions of people paste passwords, client data, medical records, and source code with live credentials into conversational AI tools — without realizing that text may be logged, used for training, or exposed in a breach. A developer pastes a stack trace containing a database password. A founder drafts a board update with real revenue numbers. A parent asks for medical advice using their child's full name. A lawyer pastes a contract. Once that text leaves your browser, you cannot take it back. This extension fixes the problem at the only place it can be fixed — locally, before the network request is sent. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ HOW IT WORKS ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ When you send a message on a supported site, the extension intercepts the outgoing request, scans the text for personally identifiable information (PII), and gives you three options: edit the message, send it unchanged, or cancel. If you enable auto-anonymize mode, sensitive values are replaced with consistent placeholders like [NAME_1] or [EMAIL_1] before the message is transmitted. The same entity always maps to the same placeholder within a session, preserving context. When the response streams in, placeholders are restored to real values on your screen — so you read a natural conversation while the provider only ever saw anonymized text. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ WHAT IT DETECTS ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ PATTERN-BASED (under 10 ms): Email addresses, phone numbers, Social Security Numbers (area-code validated), credit card numbers (Luhn validated), passport and license numbers, IBAN, IPv4/IPv6 addresses, AWS/GitHub/Stripe keys, and other API credentials. LOCAL AI MODEL: For unstructured data — personal names, company names, locations, and medical conditions — a small named-entity-recognition model runs entirely inside the browser. Model weights are downloaded once and cached. No text is ever sent to a server. CONFIDENCE SCORING: Every match receives a confidence score. The engine boosts scores near trigger phrases, validates structural integrity, and suppresses false positives inside code blocks and URLs. You control the threshold. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ THREE MODES ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1. WARN (default) — An overlay shows what was found. You choose to edit, send, or cancel. 2. AUTO-ANONYMIZE — Sensitive values are replaced with placeholders automatically. Responses are re-hydrated on screen. 3. SILENT — Anonymization runs without interruption. A badge shows how many items were protected. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ PRIVACY BY DESIGN ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Your prompts, detected values, placeholder mappings, settings, and audit logs never leave your device. After a one-time model download, the extension makes zero network calls in its default configuration. There is no analytics, no telemetry, and no third-party SDKs. Placeholder mappings are encrypted at rest using AES-256-GCM with PBKDF2-derived keys and expire automatically after 24 hours. Only minimal permissions are requested: local storage, side panel, offscreen document (for model inference), alarms (for key cleanup), and host access limited to the specific sites it protects. Broad access to all websites is not requested. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ OPEN SOURCE ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ The entire engine is published on GitHub. You can read every pattern, every confidence rule, and every line of the anonymization logic yourself. github.com/effyyy/PromptGnome ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ WHAT'S INCLUDED ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ • Pattern-based and AI-powered PII scanning • Warning overlay with edit, send, and cancel • Automatic anonymization with response re-hydration • Encrypted local mapping store • Custom rules you define yourself • Session audit log and statistics dashboard • No ads, no account required ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ PERFORMANCE ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Pattern scanning completes in under 10 ms. The local model runs in under 300 ms. If any step exceeds its time budget, the extension falls back to pattern-only results and lets your message through. It will never block your conversation due to an internal error. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FAQ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Q: Does it slow down conversations? A: No. Pattern scanning is under 10 ms, and the model adds less time than it takes the service to begin responding. Q: Does it send data anywhere? A: No. After the initial model download, there are no network calls. Q: What if something slips through? A: No system catches everything. This is a safety net that handles the majority of sensitive data, but it complements — not replaces — your own judgment. Q: Can I add my own rules? A: Yes. Custom pattern rules for formats specific to your work. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ COMING SOON ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Power-user features are in development: higher-accuracy server-side analysis (consent-gated), document scanning, advanced entity types, and team-shared rulesets. Waitlist: promptgnome.com/waitlist ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Website: promptgnome.com Source: github.com/effyyy/PromptGnome Privacy: promptgnome.com/privacy Terms: promptgnome.com/terms ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Your prompts belong to you — not to us, not to the provider, not to a future breach. This extension keeps it that way with real code, in your browser, under a license you can read. Your prompts, your rules.