STYX Guard — Enterprise AI Security

Enterprise AI security — scan prompts, block sensitive data and enforce policies across ChatGPT, Claude, Gemini and more.

# STYX Guard — Chrome Store Full Description STYX Guard is an enterprise-grade data loss prevention (DLP) extension that gives security teams complete visibility and control over what sensitive data employees share with AI tools — without killing productivity. Built for organisations that have adopted ChatGPT, Claude, Gemini and other AI platforms but need to ensure sensitive data stays protected. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🔒 THE PROBLEM Employees share sensitive data with AI tools every day. Passwords. Customer PII. Credit card numbers. Source code. Confidential documents. Most organisations have zero visibility into what's being shared, with whom, and when. When a data leak happens through an AI tool, the average detection time is 194 days. By then the damage is done. STYX Guard fixes this. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ⚡ HOW IT WORKS STYX Guard sits silently in the employee's browser, scanning every message before it reaches an AI tool. When sensitive content is detected, the extension enforces the organisation's security policy in real time. Four enforcement modes give administrators granular control: 🚫 HARD BLOCK — Prevents the message from sending. Employee sees a clear notification. The violation is logged with full context. ⚠️ WARN — Shows a warning and lets the employee decide. If they proceed, it is logged. Creates accountability without blocking productivity. ████ REDACT — Automatically replaces sensitive content with ████ blocks before the message sends. Employee stays productive. Data stays safe. 👁️ SILENT LOG — Allows the message through and logs the violation invisibly. Perfect for monitoring without disrupting workflow. Rules can be applied organisation-wide, to specific groups, or to individual users. Finance teams get stricter PII rules. Contractors get additional restrictions. Engineering teams have different policies from HR. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🛡️ WHAT IT PROTECTS AGAINST PII DETECTION • Social Security Numbers • Aadhaar Numbers (India) • Credit card numbers (all major formats) • Phone numbers (US and international) • Email addresses • Custom identifiers via regex CUSTOM KEYWORDS • Passwords • API keys and tokens • Private keys • Internal project names • Confidential and proprietary terms • Client names and codes FILE UPLOADS • Blocks drag-and-drop uploads • Blocks copy-paste of images and files • Hides upload buttons entirely • Logs all bypass attempts CODE PATTERNS • SQL injection patterns • Credentials in code • Database schemas • AWS keys, JWT tokens • Custom regex patterns for industry-specific data ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🌐 SUPPORTED AI PLATFORMS Currently supported: ✅ Claude (claude.ai) ✅ ChatGPT (chatgpt.com) ✅ Google Gemini (gemini.google.com) Coming soon: 🔄 Microsoft Copilot 🔄 DeepSeek 🔄 Perplexity Plus any custom LLM via URL configuration. Add internal AI tools, private deployments, or any new AI platform that emerges. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 👥 ENTERPRISE FEATURES ADMIN CONSOLE A dedicated web dashboard at app.hellm.io provides administrators with complete control: • Real-time violations feed with user attribution • Full audit trail including original and redacted content • User and group management with role-based access • Per-user, per-group, and organisation-wide rule scoping • LLM access control (allow, warn, block, redirect) • Security posture score • Top keywords and LLM breakdown charts • CSV export for compliance reporting • Backend search across all violations USER MANAGEMENT • Admin invites users via email • Automated onboarding with temporary passwords • Password reset flow via email • Force password change on first login • Suspend or remove users instantly • Track last login and activity EXTENSION-ONLY ACCOUNTS Regular employees receive extension-only accounts. They cannot access the admin console, cannot disable protection, and cannot modify security policies. All control stays with the administrator. REAL-TIME POLICY SYNC Policy changes in the console propagate to all employees within minutes. No need to push updates. No need for employees to reinstall. DESKTOP NOTIFICATIONS Employees receive desktop notifications when violations occur, ensuring they understand the security policy in real time. RIGHT-CLICK SCAN Select any text on any webpage, right-click, and scan with STYX Guard. See which rules would trigger before pasting into an AI tool. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🔐 PRIVACY AND SECURITY STYX Guard is built with privacy as a first principle: • Only monitors configured AI platform domains • Has no access to any other websites employees visit • Captures only 200-character snippets of messages that trigger rules • Never records complete conversations • All data stays within the organisation's own backend • Open source extension code is fully auditable • Built on Manifest V3 — the most secure Chrome extension standard • Encrypted communication via HTTPS with SSL/TLS 1.2+ • JWT-based authentication with session expiry • Password hashing with bcrypt WHAT WE DON'T DO • We do not sell your data • We do not serve ads • We do not share with third parties for commercial purposes • We do not track browsing history outside AI platforms • We do not access files or documents beyond the detection layer ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🚀 GETTING STARTED For Administrators: 1. Sign up for a free STYX account at hellm.io 2. Invite your team via the Console 3. Set up your security rules (templates provided) 4. Employees receive installation emails automatically For Employees: 1. Receive the welcome email from your organisation 2. Install STYX Guard from the Chrome Web Store 3. Log in with the credentials provided in the email 4. Protection starts immediately Zero configuration required. Zero friction for end users. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 💼 WHO STYX IS FOR Security teams who need visibility over AI tool usage. IT administrators deploying AI governance policies. Compliance teams meeting GDPR, HIPAA, SOC2, and ISO 27001 requirements. Organisations adopting AI tools without an existing security framework. Companies that want to enable AI productivity safely rather than blocking AI tools entirely. Industries we serve include financial services, healthcare, legal, government, technology, e-commerce, consulting, and any organisation handling sensitive customer data. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📊 USE CASES FINANCIAL SERVICES Prevent credit card numbers, account numbers, and customer PII from reaching AI tools. Maintain PCI compliance while enabling employees to use AI for productivity. HEALTHCARE Block patient identifiers, medical record numbers, and HIPAA-protected information from AI platforms. Enable clinicians to use AI for admin tasks without violating patient privacy. LEGAL Protect client confidentiality, case details, and privileged communications. Let lawyers use AI for research while keeping client data secure. TECHNOLOGY Prevent source code, API keys, database credentials, and architecture diagrams from leaking through AI coding assistants. Allow developers to use AI productively without compromising IP. GOVERNMENT Block classified information, personal data of citizens, and sensitive government records. Enable AI adoption in public sector while meeting strict data protection requirements. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🎯 WHY STYX REAL-TIME PROTECTION Unlike periodic audits or after-the-fact monitoring, STYX acts before data leaves your organisation. Prevention beats detection. POLICY-DRIVEN Rules are defined once by administrators and enforced consistently across every employee and every AI tool. No training required. PRODUCTIVE BY DESIGN Redaction mode keeps employees productive by automatically cleaning sensitive data rather than blocking them entirely. The AI tool still works, it just works safely. VENDOR-NEUTRAL STYX works with any AI tool your organisation uses. Not locked to a specific provider. Add new platforms as they emerge. SIMPLE TO DEPLOY No complex integration, no SSO configuration required for v1, no infrastructure changes. Install the extension, configure your rules, done. TRANSPARENT Every violation is logged with full context. Administrators always know what data was at risk, who was involved, and what the system did about it. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📈 ROADMAP Coming soon: • Support for Microsoft Copilot, DeepSeek, and Perplexity • Single sign-on (SSO) integration with Google Workspace • Chrome Enterprise managed deployment • Webhook and SIEM integrations • File content scanning (uploaded document analysis) • Advanced reporting and analytics • Multi-region data residency options • Mobile companion apps for policy management ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🔗 LINKS AND SUPPORT Website: https://hellm.io Admin Console: https://app.hellm.io Privacy Policy: https://hellm.io/privacy Support: support@hellm.io GitHub: https://github.com/X-0rigin/heLLM For enterprise inquiries, custom deployments, or demo requests, contact us at support@hellm.io. We typically respond within one business day. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ STYX Guard — Nothing passes without permission. Built by heLLM for organisations that take AI security seriously.