SecureLint – Sensitive Data Protector

Detects and masks API keys, passwords, and secrets in real-time across all web editors. Keeps sensitive data private as you type.

🔒 SECURELINT – SENSITIVE DATA PROTECTOR SecureLint automatically detects and masks sensitive data — API keys, passwords, tokens, credentials, and personal information — as you type or paste into any web-based editor. It acts as a real-time guard that prevents accidental exposure of secrets across platforms you use every day. ──────────────────────────────────────── 🌟 KEY FEATURES ──────────────────────────────────────── 🔍 Universal Editor Support Works across all major web editors and platforms: • Standard inputs, textareas, and contenteditable elements • Rich text editors: CodeMirror, Monaco, Ace, TinyMCE, CKEditor • Popular productivity, project management, email, and coding platforms 🎨 Editor Overlay • A subtle icon appears at the bottom-right of any active editor • Shows a live count of detected secrets, color-coded by severity • Hover to see exactly what was detected and the risk level • Non-intrusive — disappears when you're not in an editor 📧 Webmail Protection (Gmail, Outlook, Yahoo Mail) • Detects and masks secrets typed or pasted into email compose fields • Shows a DLP warning if sensitive content is detected before you send • Checks whether the email is addressed outside your organisation (Enterprise only) • All checks are local — no email body content is transmitted 🚨 4-Level Risk Classification • 🔴 Critical – Private keys, AWS credentials, certificate secrets • 🟠 High – Passwords, API keys, OAuth tokens, database URLs • 🟡 Medium – Emails, phone numbers, SSNs, connection strings • 🔵 Low – Generic tokens, test credentials, low-risk identifiers 🧠 Context-Aware Masking • Development Mode: Shows partial secrets (sk-1234****5678) so you can debug • Content Writing Mode: Full masking (***API_KEY***) for blogs and documents • Automatically detects which mode applies based on URL, element type, and content ⚙️ Fully Configurable • Toggle detection globally or per-site • Set minimum severity level for auto-masking • Choose masking style: Smart, Full, Compliance-Safe, or Context-Aware • Exclude specific websites from scanning • Export detection reports 🔐 100+ Detection Patterns including: • Major cloud provider credentials (AWS, GCP, Azure) • JWT tokens, OAuth access/refresh tokens • Database connection strings (MongoDB, Redis, MySQL, PostgreSQL) • Private keys and certificates (RSA, EC, PGP) • Payment, messaging, and developer service API key formats • SSNs, Aadhaar numbers, credit card patterns ──────────────────────────────────────── 🏢 ENTERPRISE EDITION — FOR IT & SECURITY TEAMS ──────────────────────────────────────── SecureLint includes an Enterprise tier designed for organisations deploying it across their workforce: 🛡️ Enterprise Incident Reporting (IT Admin Feature) • IT administrators can enable centralised incident reporting from within the extension settings • When enabled, the extension sends masked detection reports to the organisation's SecureLint security dashboard • Reports include: secret type, severity level, masked preview (e.g. AKIA****XXXX), page URL and title, and employee email — RAW SECRET VALUES ARE NEVER SENT • Allows the IT/security team to: – Detect recurring leak patterns across the organisation – Alert the employee and trigger secret rotation before damage occurs – Meet compliance and DLP (Data Loss Prevention) requirements • This feature is OFF by default — only an IT admin can enable it • Employees are notified via a visible "Enterprise Reporting — Active" banner inside the extension popup ──────────────────────────────────────── 🔏 PRIVACY — INDIVIDUAL USERS ──────────────────────────────────────── For Free and Pro individual users: • All detection and masking happens 100% locally in your browser • No page content, typed text, or detected secrets are ever sent to any server • Only your extension settings are synced if you create an optional account For Enterprise users: • Masked incident reports are sent to your organisation's admin dashboard only when your IT admin explicitly enables this • Raw secret values are never transmitted — only masked previews • Full disclosure: https://securelint.in/privacy#enterprise-reporting ──────────────────────────────────────── 👥 WHO IS THIS FOR? ──────────────────────────────────────── ✅ Developers – Catch hardcoded secrets before they leak in code reviews or collaboration tools ✅ Security Engineers – Enforce secret hygiene across teams working in web tools ✅ Content Writers – Mask sensitive info before pasting into documents or emails ✅ DevOps Teams – Prevent credentials from appearing in chat or ticket systems ✅ IT Admins – Deploy enterprise-wide DLP with centralised incident visibility and secret rotation alerts ──────────────────────────────────────── 📋 PERMISSIONS EXPLAINED ──────────────────────────────────────── SecureLint requests only the permissions it needs. All access to page content is for local detection only. • Access to all websites: Required to detect secrets on any site your team uses • Storage: Saves your settings and preferences locally • Notifications: Alerts you when a Critical secret is detected (optional, can be disabled) • Tabs: Sends setting updates to your open tabs so changes apply without reloading • Active tab: Allows the popup to read the current page context for live detection stats • Alarms: Schedules light periodic re-checks on pages where content loads after the first paint (e.g. many web apps) • Downloads: Used only if you export a detection report to a file on your device • Context menus: Adds two right-click options — "Scan page for secrets" on any page, and "Mask selected text" on highlighted text — for on-demand scanning and masking Programmatic script injection is not used; page scripts load from the extension manifest (content scripts) only. Full permission and privacy details: https://securelint.in/privacy ──────────────────────────────────────── 🔗 LINKS ──────────────────────────────────────── • Privacy Policy: https://securelint.in/privacy • Enterprise Reporting Policy: https://securelint.in/privacy#enterprise-reporting • Support / Feedback: https://securelint.in • Extension version: 1.0.0 (same as manifest for this release) • Manifest V3 · Minimum Chrome 88+