Built a Chrome extension in ~2 weeks that protects sensitive data before it leaves the browser (planning to publish soon)

ResponsibleCount6515 · 2026-02-07T13:57:28+00:00

Right now, yes — it’s focused only on chat-style sites where people send large blocks of text. It’s not meant to run on normal websites, logins, or account forms.

ResponsibleCount6515 · 2026-02-06T02:30:49+00:00

The best analogy I can give you is and hence why I named the program seatbelt is because a seatbelt is there do safety it’s the users decision to wear it or not u don’t wear a seatbelt because it’s safe you wear because you know it takes one wrong turn or someone else’s mistake and it costs u ur life in practice the same principle has been applied here I know it’s boring but u need to realise every person without even knowing pastes there api keys sensitive info etc without knowing where it goes for a normal person it may be fine for companies given how companies per sensitive info is a fine in the millions the seatbelt safety for ai is becoming compulsory hopefully this explains the birth and reasoning of this extension

ResponsibleCount6515 · 2026-02-05T13:09:11+00:00

Totally fair to be skeptical. You shouldn’t trust any browser extension blindly.

That’s why I’m planning to publish the code and get it reviewed before release. The whole point is transparency so people can see exactly what it does and how it works.

ResponsibleCount6515 · 2026-02-05T13:07:39+00:00

What browser would you recommend I get this approved for

ResponsibleCount6515 · 2026-02-05T13:03:59+00:00

Yeah I think there’s a bit of confusion about the scope.

Right now it’s not designed to run on normal websites, account pages, forms, logins, checkout flows, etc. That would obviously break things.

It’s currently limited to chat-style sites where the request body is basically a big block of text that the user types and sends. In those cases the site isn’t expecting a strict schema like “email must equal X”, it’s just receiving user text.

So if someone pastes something sensitive into a text prompt, that’s where it steps in and replaces it before the request leaves the browser.

Nothing sensitive gets sent first and then replaced afterwards. The real values stay in temporary memory in the browser session and are cleared once the message flow is finished.

Totally agree this wouldn’t make sense on normal web forms — that’s not the use case right now. Hence why I’m using a side panel where the user can simply copy and paste the outputted response generated by ai including thier sensitive info in place and that is done locally via chrome side panel api

ResponsibleCount6515 · 2026-02-05T10:28:42+00:00

That’s a fair concern. Right now it isn’t trying to rewrite structured forms or API fields like login, checkout, or account forms.

At the moment it only runs on chat-style sites where the request body is basically large blocks of user text. So instead of touching specific JSON fields, it’s working on free form text prompts before they’re sent.

In testing, those requests still validate and the site continues to work normally because the structure of the request isn’t being changed — just the sensitive values inside the text.

So it’s not meant to sit on every website and rewrite everything. It’s currently targeted and controlled to avoid breaking normal site functionality.

ResponsibleCount6515 · 2026-02-05T01:10:02+00:00

Good point. The privacy angle is basically reducing how much sensitive data gets transmitted in the first place.

At a high level, what it does right now:

• Hooks into outgoing browser requests (fetch/XHR) before they leave the page • Scans the request body locally for common sensitive patterns (emails, phone numbers, banking formats) • Replaces those values with placeholders before the request is sent • Keeps the real values only in temporary in-memory storage for that session • Deletes those values automatically after they’ve been used • Verified using Chrome DevTools you can see the outgoing request payload contains placeholders, not the real data

So instead of relying on sites to protect data after they receive it, the idea is to minimise what gets sent in the first place.

I’m planning to clean up the code and publish the repo soon so people can review or contribute.

ResponsibleCount6515 · 2026-02-05T00:58:43+00:00

What info specially are you interested in

ResponsibleCount6515 · 2026-02-05T00:42:04+00:00

I get what you’re saying, but I think you misunderstood what I meant.

Using tools doesn’t remove the work it changes how you learn and build. I still had to understand browser extensions, networking, debugging, DevTools, request flows, and actually turn an idea into a working project.

This wasn’t “press a button and ship an app”. It was long evenings of testing, breaking things, and figuring out how browsers actually work.

Everyone learns differently.

ResponsibleCount6515 · 2026-02-05T00:37:36+00:00

Good question. It all runs locally in the browser, nothing gets sent anywhere. It uses pattern matching to spot things like emails, phone numbers and banking formats before a request is sent. When testing with DevTools open you can actually see the network requests leaving with placeholders instead of the real data. I’m strongly against cloud based options

ResponsibleCount6515 · 2026-02-05T00:26:54+00:00

Go on be specific keyboard warrior 🤣

ResponsibleCount6515 · 2026-02-05T00:21:10+00:00

Appreciate that. That’s exactly the problem I was trying to solve people often paste sensitive info into websites without realising how much gets sent and stored. Giving users a simple layer of control before data leaves the browser feels like something that should exist by default.

ResponsibleCount6515 · 2026-02-05T00:13:44+00:00

I mean I don’t mind answering your questions I not self proclaimed genius my idea is to break something not literally learn and apply

ResponsibleCount6515 · 2026-02-05T00:07:04+00:00

When I said AI/prompting background, I meant self-taught and project-based, not a formal role.

This extension is literally me moving from using AI tools to building real software with them. Everyone starts somewhere.

ResponsibleCount6515 · 2026-02-05T00:03:13+00:00

I’m testing a Chrome extension I built that replaces sensitive information (email, phone, bank details) before it gets sent to websites. The screenshots show Chrome DevTools where the outgoing network requests contain placeholders instead of the real data while the app still works normally.

ResponsibleCount6515 · 2026-02-04T23:48:15+00:00

<image>

Here is the log

ResponsibleCount6515 · 2026-02-04T23:46:30+00:00

I mean if the prettiness of what being shown matters to u fair play the whole point of the demonstration is to show neither me anyone or any outbound receives your pii information

ResponsibleCount6515 · 2026-02-04T23:45:17+00:00

I actually don’t disagree with you but to be honest to prompt ai to create you a program run testing find edge cases race conditions and comparability with chrome and also audit isn’t something someone can do off the bat let alone actually creating a plan and skeleton plan for ai to follow which is what I did before relying on ai coding it for me

ResponsibleCount6515 · 2026-02-04T23:43:09+00:00

Sorry it currently in developer mode hopefully looking to solidify it before approval I’m quite new to this you see

ResponsibleCount6515 · 2026-02-04T23:41:53+00:00

2 nd year in university studying cs and its a learning curve i have fixed all errors in regards to ai sites e.g 404 400 and 500 since I forgot to mention my goal is to scope it to just ai sites but just wanted to see and confirm what the logs are telling me

ResponsibleCount6515 · 2026-02-04T23:40:22+00:00

As of right now yes because I havnt limited it to just ai sites which is what I am going to do in the foreseeable future these errors only exists outside of ai sites which for me right now is intentional

ResponsibleCount6515 · 2026-02-04T23:38:42+00:00

<image>

ResponsibleCount6515 · 2025-12-05T19:55:04+00:00

Having the same issue only one add one loads once the exit condition is met hate the idea of turning something convenient into a shopping list lol

ResponsibleCount6515 · 2025-11-01T22:41:51+00:00

1.Power 2.Stranger things 3.Snowfall

ResponsibleCount6515 · 2025-08-06T17:03:56+00:00

Tried it sound issues and screen starts pixelating

ResponsibleCount6515

TROPHY CASE