hckrnws

Really cool idea and incredibly useful with the every growing AI space and security concerns.

I built a browser extension that detects and redacts sensitive data in real-time inside ChatGPT, Gemini, and Claude before you hit send.

The hardest part was working inside ProseMirror. ChatGPT's editor silently reverts direct DOM mutations, so I couldn't just inject or modify text nodes. I ended up using the CSS Custom Highlight API to paint visual highlights on detected ranges without touching the DOM, and a twin-write architecture that works with ProseMirror's state instead of against it.

Detection is regex + Shannon entropy analysis for high-randomness strings like API keys + a lightweight NLP layer (compromise.js) for names and locations. Everything runs client-side in the content script. No data leaves the browser.

Built with Plasmo, TypeScript, React. Available on Chrome Web Store, Firefox version pending review.

Would appreciate feedback on the detection approach — particularly curious if anyone has dealt with ProseMirror content injection in extensions before.

If it's not also running every tool response through this detection/masking, then it's not really "protecting" any agent use cases where they will be potentially reading files/data.

Isn't too late when you paste in the prompt, even if you didn't send it?