Your AI is reading your secrets.
Stop it in 0.2 seconds.
Prompt Armour redacts PII, keys, passwords & secrets locally before they ever leave your browser. Your data never leaves your device. 100% private.
The AI Data Breach Epidemic
Every prompt you send to ChatGPT, Gemini, or Claude is a one-way door. Once sensitive data crosses the threshold — it’s gone forever.
We didn't build this to be paranoid.
We built it because of the receipts.
"But I just use it for drafting emails!"
That's what 77% of employees said right before pasting an API key or PII into a public model. Here is what happens next.
The Solution
Prompt Armour stops these threats instantly by redacting PII, keys, and secrets locally in your browser before they leave your machine.
Samsung Source Code Leak
Multiple Samsung engineers pasted proprietary source code, facility databases, and internal meeting notes directly into ChatGPT.
ChatGPT History Bug
A major Redis bug in ChatGPT exposed active users' chat titles, histories, and payment information to complete strangers.
Apple Restricts AI
Apple restricted employees from using public AI tools like Copilot and ChatGPT, fearing the leak of unreleased product data.
Microsoft 38TB Exposure
AI researchers accidentally exposed 38TB of internal corporate data, including passwords, while publishing open-source AI models.
Amazon Code Mimicry
Amazon issued urgent internal warnings after noticing ChatGPT generating outputs that closely mimicked their proprietary internal code.
Wall Street Blacklist
JPMorgan Chase, Citigroup, and Bank of America banned public LLMs entirely to prevent third-party data sharing violations.
Hugging Face Token Leak
Researchers found 1,600+ valid API tokens exposed in public AI models, granting access to corporate cloud environments.
The Cyberhaven Audit
A massive enterprise audit revealed that 11% of all data pasted into public AI tools contains sensitive code, passwords, or PII.
Secures silently in the background.
No new tools to learn. Prompt Armour works right inside your browser, catching sensitive data before it hits AI servers—without slowing you down.
Keep using the AI you love
No weird portals. Open ChatGPT, Claude, or Gemini and paste your raw logs or customer data exactly like you always do.
We catch what you miss
Before data ever leaves your computer, our engine instantly highlights passwords, API keys, and personal info.
His primary contact number is 555-019-2834 and his backup is 987.654.3210.
He used a Visa card ending in 4111-1111-1111-1111 to purchase the assets.
His social security number 123-45-6789 was found in the logs.
To bypass filters, the suspect wrote his email as:
super_hacker [at] gmail [dot] com
He also tried to hide a phone number by spacing it out:
Call me at 5. 5. 5 - 8. 6. 7 - 5. 3. 0. 9 for the codes.
He split his credit card number across lines:
3. 4444. 4444. 4444. 4444
One click, zero leaks
Hit enter to swap sensitive bits with secure tags. The AI gets the context, and your secrets stay local.
His primary contact number is [PHONE-1] and his backup is [PHONE-2].
He used a Visa card ending in [CC-1] to purchase the assets.
His social security number [SSN-1] was found in the logs.
To bypass filters, the suspect wrote his email as:
[EMAIL-2]
He also tried to hide a phone number by spacing it out:
Call me at [PHONE-3] for the codes.
He split his credit card number across lines:
[CC-2]
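The before/after demo above, sketched as an added example (not Prompt Armour's own code): each match is swapped for a numbered tag, and the original value is kept in a local map so it can be put back later. The regular expressions, tag names, and the `redact`/`restore` helpers are simplified assumptions, and the sample text is constructed from the demo lines.

```javascript
// Added example, not Prompt Armour's code. Patterns are simplified assumptions.
function luhnValid(s) {                       // card checksum, cuts false positives
  const d = s.replace(/\D/g, '').split('').reverse().map(Number);
  const sum = d.reduce((a, n, i) => a + (i % 2 ? (n * 2 > 9 ? n * 2 - 9 : n * 2) : n), 0);
  return sum % 10 === 0;
}

// Order matters: cards (15-16 digits) run before SSNs and phones so a long
// number is not claimed by a shorter rule. Digits may be separated by spaces,
// dots or dashes, which covers the spaced-out phone number in the demo.
const DETECTORS = [
  { tag: 'CC', re: /\b\d(?:[ .-]*\d){14,15}\b/g, check: luhnValid },
  { tag: 'SSN', re: /\b\d{3}-\d{2}-\d{4}\b/g },
  { tag: 'PHONE', re: /\b\d(?:[ .-]*\d){9}\b/g },
  { tag: 'EMAIL', re: /[\w.+-]+(?:@|\s*\[at\]\s*)[\w-]+(?:(?:\.|\s*\[dot\]\s*)[a-z0-9-]{2,})+/gi },
];

function redact(text) {
  const vault = new Map();    // tag -> original value; stays in local memory
  const seen = new Map();     // normalised value -> tag, so repeats share a tag
  const counters = {};
  for (const { tag, re, check } of DETECTORS) {
    text = text.replace(re, (match) => {
      if (check && !check(match)) return match;           // e.g. failed Luhn
      const norm = tag === 'EMAIL' ? match.toLowerCase() : match.replace(/\D/g, '');
      const key = `${tag}:${norm}`;
      if (!seen.has(key)) {
        counters[tag] = (counters[tag] || 0) + 1;
        seen.set(key, `[${tag}-${counters[tag]}]`);
        vault.set(seen.get(key), match);
      }
      return seen.get(key);
    });
  }
  return { text, vault };
}

// Swap tags in a reply back to the original values, locally.
function restore(text, vault) {
  return text.replace(/\[(?:CC|SSN|PHONE|EMAIL)-\d+\]/g, (t) => (vault.has(t) ? vault.get(t) : t));
}

// Constructed sample, modelled on the demo text above.
const SAMPLE_PROMPT = [
  'His primary contact number is 555-019-2834 and his backup is 987.654.3210.',
  'He used a Visa card ending in 4111-1111-1111-1111 to purchase the assets.',
  'His social security number 123-45-6789 was found in the logs.',
  'Write to super_hacker [at] gmail [dot] com or call 5. 5. 5 - 8. 6. 7 - 5. 3. 0. 9.',
].join('\n');
```

A 16-digit run that fails the Luhn check is left untouched, so order references and similar identifiers are not tagged as cards.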
Stop Leaking Secrets to AI.
Protect Your Data Instantly.
A 100% local extension that automatically detects and redacts sensitive information before you hit send. No complex setups—just total peace of mind.
Developer Secrets
Identifies AWS, OpenAI, Stripe, GitHub, and 50+ other secret formats instantly using high-entropy scanning that catches what standard rules miss.
PII Detection
Catches emails, phone numbers, SSNs, and physical addresses before they leave your clipboard.
You Stay in Control
Flexible redaction styles with real-time highlighting. We use the Custom Highlight API to ensure zero page-breaking bugs.
Network Data
Flags internal IPs, IPv6, MAC addresses, and database connection URIs instantly.
Privacy by Design
100% local architecture. Zero-latency highlighting. No servers, no tracking.
Works Where You Work
Native out-of-the-box support for the AI models you already use.
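How the high-entropy scanning mentioned under Developer Secrets can sit behind prefix rules, as an added example (not Prompt Armour's own code): a token is flagged if it matches a known key format, or if it is long and its Shannon entropy is above a threshold. The two prefix rules, the 20-character minimum and the 4.0 bits/char threshold are assumptions; the sample uses the placeholder credentials from AWS's documentation.

```javascript
// Added example, not Prompt Armour's code. Thresholds are assumed tuning values.
const KNOWN_FORMATS = [
  { name: 'aws-access-key-id', re: /^(?:AKIA|ASIA)[A-Z0-9]{16}$/ },
  { name: 'github-pat', re: /^ghp_[A-Za-z0-9]{36}$/ },
];

// Shannon entropy in bits per character: 0 for "aaaa", 2 for "abcd".
function entropy(s) {
  const freq = {};
  for (const ch of s) freq[ch] = (freq[ch] || 0) + 1;
  return Object.values(freq)
    .reduce((h, n) => h - (n / s.length) * Math.log2(n / s.length), 0);
}

function scan(text, minLen = 20, minBits = 4.0) {
  const findings = [];
  // Candidate tokens: runs of base64/hex-style characters. '=' is excluded
  // so KEY=value pairs split into a name and a value.
  for (const m of text.matchAll(/[A-Za-z0-9+\/_-]{8,}/g)) {
    const token = m[0];
    const rule = KNOWN_FORMATS.find((k) => k.re.test(token));
    if (rule) {
      findings.push({ token, index: m.index, reason: rule.name });
    } else if (token.length >= minLen && entropy(token) >= minBits) {
      // No rule matched, but the token looks random: the fallback case.
      findings.push({ token, index: m.index, reason: 'high-entropy' });
    }
  }
  return findings;
}

// Constructed sample. The key pair is AWS's documentation placeholder.
const SAMPLE_ENV = [
  'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE',
  'AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
  'helper=internationalization_helper',
].join('\n');
```

The long identifier on the last line and the variable names stay below the threshold, which is the trade-off to tune: a lower threshold catches more unknown formats and flags more ordinary identifiers.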
On the Roadmap
Wow, it already does all that... and there's MORE!!! coming?
Here's what we're shipping next.
Team Dashboard
Manage AI data policies across your entire org.
Scan History & Reports
See exactly what was caught, when, and where.
Custom Detection
Write custom regex patterns for company-specific data.
Slack & Teams Alerts
Get notified instantly when sensitive data is caught.
Compliance Export
One-click compliant reports for SOC2 / HIPAA audits.
Firefox & Edge
Expanding our native architecture beyond Chrome.
Smart Redaction (Context-Aware)
Context-aware redaction that automatically fills the value back in when you copy to clipboard, so you can keep working without interruption (e.g. copy a redacted error message and still get the full stack trace in your clipboard).
Future
Pricing Model.
We are building a sustainable security tool, not a data-harvesting extension.
When we launch V1.0, the core protection will remain free, while advanced team features will move to a paid tier.
CURRENT STATUS: Dev v1.0 is Live
Standard
CORE PROTECTION
- Local PII Redaction
- Standard API Key Detection
- Works on ChatGPT & Claude
Pro
Planned for V1.0
- Everything in Standard
- Custom Regex Patterns
- Custom Redaction Tags
- Team Policy Sync
Frequently Asked Questions
Data Privacy & Servers
100% of the detection and redaction happens locally inside your browser. We do not have servers, we do not collect your data, and we do not have access to your API keys. It is mathematically impossible for us to leak your data.
Supported Platforms
Currently, we fully support ChatGPT, Claude, and Gemini. The extension is optimized to intercept input within their complex Single Page Applications (SPAs) without breaking the host site.
Non-Destructive UI
Traditional extensions wrap text in HTML <span> tags, breaking the site's React state. We use the browser's native CSS Custom Highlight API instead, ensuring no page crashes.
Detection Engine
Flags PII (emails, phones, SSNs), financial data, network IPs, and 50+ API key formats (AWS, Stripe, OpenAI).
Typing Latency
Zero latency. Because we don't manipulate the DOM, there is no typing delay.
Account Requirements
No account required for the Basic tier. Simply install and it works immediately.
Open Source
The core detection logic is open source to verify our privacy claims.
Custom Safelists
Yes. The dashboard includes a Safe List and Custom Block List supporting fuzzy logic.
Twin-Write Architecture
To eliminate UI flicker when toggling filters, Prompt Armour writes to both localStorage (for instant rendering) and chrome.storage (for persistence) simultaneously.
Extension Updates
The extension updates automatically via the Chrome Web Store. Core regex pattern updates are fetched locally without needing cloud sync.
Offline Functionality
Since all logic runs on your local machine, the detection engine works perfectly even if you lose internet connection.
False Positives
You can hover over any highlighted text and click 'Ignore' to bypass the redaction.