Cloak – An open-source local PII scrubber for ChatGPT

(getcloak.org)

2 points | by seclist 6 hours ago

1 comment

  • seclist 6 hours ago

    OP here.

    I built this because I kept catching myself almost pasting customer emails and API keys into ChatGPT. I wanted a safety net that didn't involve a heavy enterprise proxy or sending data to a third-party sanitation service.

    How it works under the hood: Cloak is a Chrome extension that runs entirely locally. It injects a content script that intercepts the prompt before it hits the network.

    Detection: It uses a set of optimized Regex patterns to identify PII (SSNs, Emails, IPv4, Stripe Keys, etc.).

    Tokenization: It replaces them with reversible tokens (e.g., [EMAIL_1]) and stores the mapping in local browser memory.

    Restoration: When the LLM response streams back, it listens for those tokens and swaps the original data back in on the fly.

    The key constraint was zero network calls. The redaction happens 100% in the browser. No data is sent to my servers (I don't even have a database for this).

    The core logic is also available as a Python library for anyone building RAG pipelines who wants the same functionality backend-side.

    Happy to answer questions about the regex performance or the restoration logic!
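The three stages described in the post (regex detection, reversible tokens, restoration on a streamed reply) as an added example in plain JavaScript; this is not Cloak's own code, the regex patterns are constructed for illustration, and the token format is assumed to follow the [EMAIL_1] style mentioned above. It also covers the edge case the streaming stage has to handle: a token split across two response chunks.

```javascript
// Added example, not Cloak's own code: regex detection -> reversible tokens -> streaming
// restoration, the three stages the post describes. Patterns are constructed for illustration.
const PATTERNS = [
  { type: "EMAIL", re: /[\w.+-]+@[\w-]+(?:\.[\w-]+)+/g },
  { type: "SSN", re: /\b\d{3}-\d{2}-\d{4}\b/g },
  { type: "IPV4", re: /\b(?:\d{1,3}\.){3}\d{1,3}\b/g },
  { type: "STRIPE_KEY", re: /\bsk_(?:live|test)_[A-Za-z0-9]{8,}\b/g },
];

// Scrub a prompt before it leaves the browser. Each distinct value gets one token such as
// [EMAIL_1]; the token -> value map stays in memory and is never sent anywhere.
function scrub(text, state = { map: new Map(), counts: {} }) {
  let out = text;
  for (const { type, re } of PATTERNS) {
    out = out.replace(re, (match) => {
      for (const [tok, val] of state.map) if (val === match) return tok; // repeat value, same token
      const n = (state.counts[type] = (state.counts[type] || 0) + 1);
      const tok = `[${type}_${n}]`;
      state.map.set(tok, match);
      return tok;
    });
  }
  return { text: out, state };
}

// Restore tokens in a streamed reply. A token may be split across chunks ("[EMA" + "IL_1]"),
// so any trailing text that could still become a token is held back until the next chunk.
class Restorer {
  constructor(map) { this.map = map; this.pending = ""; }
  push(chunk) {
    let buf = this.pending + chunk;
    const open = buf.lastIndexOf("[");
    if (open !== -1 && /^\[[A-Z0-9_]*$/.test(buf.slice(open))) {
      this.pending = buf.slice(open); // possible partial token: wait for the closing "]"
      buf = buf.slice(0, open);
    } else {
      this.pending = ""; // either no "[" or it is plainly not one of our tokens
    }
    return buf.replace(/\[[A-Z0-9_]+_\d+\]/g, (tok) => this.map.get(tok) ?? tok);
  }
  flush() { const rest = this.pending; this.pending = ""; return rest; } // end of stream
}

// Constructed sample prompt and a reply streamed in awkwardly split chunks.
const SAMPLE = "Contact alice@example.com (SSN 123-45-6789) from 10.0.0.7 with key sk_test_ABCDEFGH1234, again alice@example.com";
function demo() {
  const { text, state } = scrub(SAMPLE);
  const r = new Restorer(state.map);
  const chunks = ["Sure, I emailed [EMA", "IL_1] at [IPV4_1", "] about [SSN_1]. Done [", "not a token"];
  return { scrubbed: text, restored: chunks.map((c) => r.push(c)).join("") + r.flush() };
}
```

Anything held back in `pending` at end of stream is returned by `flush()`, so a reply that ends mid-token is still emitted rather than silently dropped.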