Real-time PII Detection/Redaction for AI chatbots. 100% local.

Hey everyone,

I've been building Prompt Armour — a browser extension that detects and redacts sensitive data in real-time inside ChatGPT, Gemini, and Claude before you hit send.

The problem: every time you paste code, emails, documents, or customer data into an AI chatbot, that data potentially gets stored, logged, or used for training. Most people don't think twice about it.

How it works:

- Scans your input in real-time as you type or paste

- Detects names, emails, phone numbers, API keys, addresses, and more

- Replaces them with reversible tokens (e.g., "John Smith" → [NAME_1])

- Uses regex, Shannon entropy analysis (for API keys), and lightweight NLP

- Everything runs 100% locally in your browser — no data ever leaves your machine

The hardest technical challenge was working inside ChatGPT's ProseMirror editor, which silently reverts any direct DOM mutations. Ended up using the CSS Custom Highlight API to paint highlights without touching the DOM.

Built with Plasmo, TypeScript, React. Available on Chrome Web Store now, Firefox version pending review.

I'm trying to figure out what to build next. A few things on my radar:

- Standalone redaction workspace (paste any text, get it redacted)

- Response scanning (detect if the AI leaks sensitive data back)

- Team/enterprise policies

Would love to hear — if you use AI chatbots at work, what would actually make you trust a tool like this?

Website: https://prompt-armour.vercel.app

Chrome Web Store: https://chromewebstore.google.com/detail/kahecjbmmcenhacihcpkgapcnaggehjo