explaingit

marijastavric24/safeprompt

Analysis updated 2026-06-24

13TypeScriptAudience · generalComplexity · 3/5Setup · moderate

TLDR

Browser extension that scans and redacts PII and sensitive text locally before it is sent to AI chat tools like Claude, ChatGPT, Gemini, or Copilot.

Mindmap

mindmap
  root((SafePrompt))
    Inputs
      Chat textarea
      Regex rules
      Custom prompt library
    Outputs
      Redacted text
      Confidence scores
    Use Cases
      Redact client data before AI prompts
      Comply with GDPR or HIPAA
      Strip API keys from snippets
    Tech Stack
      TypeScript
      esbuild
      ShadowDOM
      Node
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Redact client names and case numbers before pasting into ChatGPT

USE CASE 2

Strip API keys, IBANs, and Luhn-valid card numbers from prompts on Claude.ai

USE CASE 3

Add a custom regex rule for an internal project codename via the Prompt Library

USE CASE 4

Enforce a no-network detection policy verifiable from browser DevTools

What is it built with?

TypeScriptesbuildNodeShadowDOM

How does it compare?

marijastavric24/safepromptandersondanieln/hexllamabb8ad8/addroid-oss
Stars131313
LanguageTypeScriptTypeScriptTypeScript
Setup difficultymoderateeasyhard
Complexity3/52/54/5
Audiencegeneralvibe coderpm founder

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Build needs Node 18+ and esbuild, then the extension must be sideloaded into Chrome 112+, Edge, or Firefox 115+.

In plain English

SafePrompt is a browser extension that scans and redacts sensitive text on the user's own device before it is submitted to an AI chat tool like Claude.ai, ChatGPT, Gemini, or Microsoft Copilot. The README repeats that all detection runs locally and that no text is sent to a server. The intended audience is people who work with confidential information: lawyers, HR teams, finance staff, healthcare workers, journalists, and anyone subject to rules like GDPR or HIPAA. A Redact button is injected into the chat input on a supported site. Clicking it scans the text with compiled regex rules and a bundled NLP library, highlights what looks sensitive, and lets the user approve or remove each match. Clicking Apply replaces the matched spans with a [REDACTED] label before submission. Supported browsers are Chrome 112 or newer, Edge, and Firefox 115 or newer. The detection list covers general PII such as email addresses, phone numbers, dates of birth, home addresses, UK postcodes, US SSN and UK NI numbers, passport numbers, Luhn-validated cards, mod-97 validated IBANs with sort codes, IP addresses, API keys, and bearer tokens. Domain rules add legal context like client names, case numbers, and settlement figures, HR items such as salaries, healthcare data like patient names and NHS numbers, financial identifiers (UTR, VAT, SWIFT or BIC), and journalism cues near phrases like 'source:'. Custom rules can be added from a Prompt Library. Each match gets a confidence score. Detections at 85 to 97 percent are auto-approved, 60 to 84 percent are flagged for manual review, and below 60 percent are blocked until acknowledged. The document score is capped at 92 percent and no single match reaches 100 percent. The default is to redact everything: the review panel asks the user what to keep, and personal names, phone numbers, and direct financial identifiers cannot be kept. The security section claims no network calls, enforced by a content security policy of connect-src 'none' that can be verified in browser DevTools, plus local-only detection, in-memory handling of the original text, and minimal permissions (storage and activeTab only). The build uses Node.js 18 or newer with esbuild. The source tree contains content scripts, the detection engine, a Shadow DOM panel, an options page, a popup, a learning module, a sandbox for testing rule changes, and shared utilities. A closing disclaimer notes that automated detection makes mistakes and every highlight should still be reviewed.

Copy-paste prompts

Prompt 1
Walk me through building SafePrompt from source with Node 18 and esbuild and loading it as an unpacked extension
Prompt 2
Explain how the confidence score thresholds (85, 60) drive auto-approve, review, and block behavior
Prompt 3
Show me how to add a custom regex rule for an internal project name in the Prompt Library
Prompt 4
How does SafePrompt enforce connect-src none and what should I check in DevTools to verify it
Prompt 5
Where in the source does the Redact button get injected into Claude.ai or ChatGPT input fields

Frequently asked questions

What is safeprompt?

Browser extension that scans and redacts PII and sensitive text locally before it is sent to AI chat tools like Claude, ChatGPT, Gemini, or Copilot.

What language is safeprompt written in?

Mainly TypeScript. The stack also includes TypeScript, esbuild, Node.

How hard is safeprompt to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is safeprompt for?

Mainly general.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.