A local check between your prompt and the send button.
Redactopia is a browser extension that scans your prompt for sensitive patterns before it reaches an AI chat. Detection runs in the page. Nothing is sent over the network. Edit the prompt below to see what it catches.
Pattern-matching, not understanding.
Guard hooks the prompt textarea on supported AI chat sites. Before submission it runs a set of regular expressions and validators — Luhn for cards, prefix tables for vendor API keys, segment shape for JWTs — over the text you've typed. If anything matches, the send is intercepted and a popup shows the matched ranges and types. You decide what happens next.
It does not understand intent or context. It will flag a fake number on a slide deck and miss a real secret in an unfamiliar format. Treat it as a pre-flight check, not a guarantee.
Local pipeline.
[type]. Send anyway proceeds. Cancel discards. The choice is yours, every time.
What we don't do.
- No network calls. The extension makes zero outbound requests. No analytics, no telemetry, no error reporting.
- No storage of prompts. Prompt content is never persisted. It exists only as the variable being scanned, then it's discarded.
- No accounts. No sign-in, no user ID, no device ID. We can't identify you; the extension would not know what to do with the information.
- No third-party code. The detector is the only script that runs on prompt content. No external SDKs, no bundled tracking.
Five sites today.
Host permissions are declared explicitly in the extension manifest. The content script does not run on any other page.
Microsoft Copilot is not on the supported list. Extension content scripts cannot run on copilot.microsoft.com in Edge, which is what Redactopia requires to operate. The Copilot adapter is preserved in source for a possible future Chrome build.
Pattern list.
Twelve built-in regex categories — each backed by a pattern plus, where it matters, a validator. We also include a Shannon-entropy detector for unrecognized secrets, and you can add your own custom regex patterns from the side panel.
| Category | Method | Example shape | Risk |
|---|---|---|---|
| JWT | three-segment base64url, header decode | eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.SflKxwRJSMeKKF2QT4 | High |
| API keys (vendor prefix) | prefix table | ghp_AbCdEfGhIjKlMnOpQrStUv1234567890 | High |
| AWS access keys | AKIA + 16 uppercase | AKIAIOSFODNN7EXAMPLE | High |
| PEM private keys | BEGIN/END header lines | -----BEGIN PRIVATE KEY-----…-----END PRIVATE KEY----- | High |
| Passwords | key-value heuristic | password=hunter2 | High |
| DB connection strings | URI scheme list (postgresql, mysql, mongodb, redis, …) | postgresql://user:pw@host/db | High |
| URLs with secret query params | ?token=, ?key=, ?secret=, … | https://api.example.com/v1?token=AbC123XyZ | High |
| Credit card numbers | Luhn-validated 13–19 digits | 4242 4242 4242 4242 | High |
| SSN (US format) | ###-##-#### with area-group rules | 123-45-6789 | High |
| Email addresses | RFC-ish | user@host.tld | Med |
| Phone numbers (US) | 10-digit, separator tolerant | (555) 123-4567 | Med |
| Internal / private URLs | RFC1918, .internal, .local, localhost | staging.internal · 10.0.0.42 | Med |
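
The pattern-plus-validator approach described above and listed in this table, sketched as an added example (not Redactopia's own source). It covers four of the categories; the regexes, the rule order and the 4.0-bit entropy threshold are assumptions chosen for illustration.

```javascript
// Added illustration, not Redactopia's source. Patterns and the 4.0-bit
// entropy threshold are simplified assumptions.
const luhn = (digits) => [...digits].reverse().reduce((sum, c, i) => {
  const d = Number(c) * (i % 2 ? 2 : 1); // double every 2nd digit from the right
  return sum + (d > 9 ? d - 9 : d);
}, 0) % 10 === 0;

// JWT check: first segment must base64url-decode to JSON carrying an "alg" string.
const jwtHeaderOk = (token) => {
  try {
    const b64 = token.split(".")[0].replace(/-/g, "+").replace(/_/g, "/");
    return typeof JSON.parse(atob(b64)).alg === "string";
  } catch { return false; }
};

// Shannon entropy in bits per character.
const entropy = (s) => {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts)
    .reduce((h, n) => h - (n / s.length) * Math.log2(n / s.length), 0);
};

// Ordered: specific shapes first, generic entropy fallback last.
const RULES = [
  { type: "jwt", re: /\beyJ[\w-]+\.[\w-]+\.[\w-]+/g, ok: jwtHeaderOk },
  { type: "aws_access_key", re: /\bAKIA[A-Z0-9]{16}\b/g },
  { type: "credit_card", re: /\b\d(?:[ -]?\d){12,18}\b/g, ok: (m) => luhn(m.replace(/\D/g, "")) },
  { type: "high_entropy", re: /\b[A-Za-z0-9+\/_-]{24,}\b/g, ok: (m) => entropy(m) >= 4.0 },
];

// Returns [{type, start, end}] sorted by position; an earlier rule wins on overlap.
function scanPrompt(text) {
  const findings = [];
  for (const { type, re, ok } of RULES) {
    for (const m of text.matchAll(re)) {
      const start = m.index, end = start + m[0].length;
      if (ok && !ok(m[0])) continue; // shape matched, validator rejected
      if (findings.some((f) => start < f.end && f.start < end)) continue;
      findings.push({ type, start, end });
    }
  }
  return findings.sort((a, b) => a.start - b.start);
}

// Constructed sample prompt (test values only).
const SAMPLE = "key AKIAIOSFODNN7EXAMPLE card 4242 4242 4242 4242 typo 4242 4242 4242 4243 " +
  "jwt eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.SflKxwRJSMeKKF2QT4 tok q7Zp2LmX9vB4tR8nK1cY6wD3sH5jF0gA";
```

The second card number in the sample has the right shape but fails Luhn, so it is not reported; a 30-character run of one repeated letter likewise passes the length pattern and is rejected by the entropy validator.
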
What it doesn't do.
- It detects shapes, not secrets. A string in the right format will be flagged whether or not it's a real key. A real key in an unknown format will be missed.
- No context understanding. "My imaginary friend's name is Alex Johnson" looks identical to a real name. Names are not detected for this reason.
- No file scanning. Attachments and uploads are out of scope. Guard sees only the prompt text in the page.
- SPA fragility. If a supported site changes its prompt input internals, Guard may need a manifest update to keep working there.
- Pre-1.0. Expect breakage. Expect regex tweaks. Please file issues — they're how we learn what's wrong.
Recent.
Guard ships small. Updates roll out to anyone on the Edge add-on once it's listed.
Ctrl+Z undo.
Likely questions.
Why Edge first?
The Edge add-on review queue is the lightest of the three major stores for early-stage extensions, and the developer building this uses Edge daily. Chrome and Firefox builds are likely next.
Does it slow down typing?
Detection runs on submit, not on every keystroke. There is no measurable typing latency in the current build.
Does it work in incognito / private windows?
If you grant the extension incognito access in your browser settings, yes. By default, no.
Why no Copilot?
Extension content scripts cannot run on copilot.microsoft.com in Edge — which is what Redactopia needs to detect anything. Adding it would require a Chrome build.
Can I add custom patterns?
Not in v0.4. It's on the roadmap. The storage and UI for it aren't built yet.
Is it open source?
The source is available; the license is being finalized. The repository link will live in the footer once published.
Will it work on a non-supported site?
No. The content script is gated by host permissions in the manifest. Adding a site requires a release.