100% Local Processing

Stop Leaking Secrets
to AI Chatbots

PromptGod automatically masks API keys, passwords, and tokens when you paste into ChatGPT, Gemini, Copilot, and more — before they ever leave your browser.

50+
Built-in Rules
11
Supported Sites
116
Automated Tests
0
Data Sent
.env — pasted into ChatGPT
1 OPENAI_API_KEY=sk-proj-7kQ***************
2 AWS_SECRET_ACCESS_KEY=wJalr***************
3 STRIPE_SECRET_KEY=sk_li***************
4 DATABASE_URL=postgres://admin:s3cr***@db.host.io:5432/prod
5 GITHUB_TOKEN=ghp_Xe***************
Features

Everything Happens in Your Browser

No servers, no tracking, no external calls. PromptGod intercepts secrets before they leave your machine.

Auto-Mask on Paste

Intercepts paste events in chat inputs and masks secrets before they reach the AI. No manual steps needed.

🔍

50+ Built-in Rules

Covers AWS, OpenAI, GitHub, Stripe, Slack, JWT, PEM private keys, connection strings, credit cards, and more.

🧠

Smart Entropy Engine

Detects unknown secrets via Shannon entropy analysis, even without a matching regex pattern.

🎯

Context-Aware Detection

Lowers entropy thresholds on lines with _SECRET, _KEY, _TOKEN — catches custom-prefixed keys automatically.

🔐

Partial Redaction

Shows the first 1/4 of each secret with stars for the rest, preserving exact string length so JSON/YAML stays intact.

🏗️

Structure-Safe Processing

Line-isolated regex pipeline prevents cross-line bugs. PEM/RSA multiline keys are still handled correctly.

🔑

The Vault

Click the extension icon to review all redacted secrets, saved locally via the background service worker.

✍️

Manual Sanitize

Floating shield button to scan typed text on demand — for when you type secrets instead of pasting them.

⚙️

Custom Rules

Add your own regex patterns or keywords via the Settings page to catch company-specific secrets.

Architecture

How the Sanitizer Works

A two-phase pipeline processes your text in milliseconds, all inside the browser.

1

Multiline Phase

PEM / RSA private key blocks — the only rules allowed to span multiple lines — are detected and masked first.

2

Regex Rules

Known vendor key patterns (OpenAI, AWS, Stripe, etc.), env assignments, DB URIs, Sentry DSNs, and 50+ more patterns are matched per line.

3

Inline Credential Parsing

Passwords inside ://user:password@host and proxy_auth=user:pass@host strings are extracted and masked, even with special characters.

4

Entropy Engine

High-entropy unknown strings in config-like context are flagged via Shannon entropy analysis — catches secrets that no regex can match.

5

False-Positive Filter

UUIDs, git commit hashes, transaction IDs, K8s API groups, repo URLs, and other operational content are preserved — no false alarms.

Detection Layer What It Catches
Regex Rules Known vendor keys, env assignments, DB URIs, Sentry DSNs, etc.
Inline Credentials ://user:password@host and proxy_auth=user:pass@host
Custom Prefixes Vendor-specific patterns like cmp_sec_live_...
Entropy Engine High-entropy unknown strings in config-like text
FP Filter UUIDs, git SHAs, infra domains, JSON keys, repo URLs
Compatibility

Works Where You Chat

PromptGod runs on all major AI chat platforms. If you use it, we protect it.

💬 ChatGPT
✨ Gemini
🟣 Claude
⚡ Grok
🔷 Microsoft Copilot
🔍 Bing Chat
🌐 Perplexity
🐋 DeepSeek
🤖 Poe
🤗 HuggingFace Chat
🌬️ Mistral
Get Started

Install in Under a Minute

One click from the Chrome Web Store. No setup, no build step, no account required.

1

Open the Chrome Web Store

Visit the PromptGod listing in the Chrome Web Store.

2

Add to Chrome

Click Add to Chrome and confirm the install prompt.

3

Pin the Extension

Click the puzzle icon in Chrome's toolbar and pin PromptGod for quick access to the Vault.

4

Start Chatting Safely

Visit any supported AI site and paste text containing API keys — they'll be masked automatically.

Protect Your Secrets Today

Open source, zero dependencies, and completely local. Your keys stay yours.

Add to Chrome