The moment that started it
In December 2025, researchers discovered that Chrome extensions with millions of users — including some carrying Google's "Featured" badge — were silently harvesting every AI conversation their users had and selling the data to brokers. The attack was later called "Prompt Poaching."
What struck me wasn't the technique. It was the trust chain that failed: people installed something that looked safe, from a store that looked safe, and their most candid conversations — debugging sessions, business plans, personal questions — quietly became a product.
The habit I spotted in myself
Around the same time, I noticed something about my own workflow. Debugging with AI had become second nature: hit an error, copy the log, paste it into a chat, get an answer, move on. Fast, useful — and completely unfiltered.
Those logs had API keys in them. Connection strings with passwords. Bearer tokens. I wasn't being careless by any normal standard — I was doing what every developer I know does daily. But once that text is sent, it's logged on infrastructure I don't control, often permanently.
Two separate problems — malicious extensions and accidental pastes — with one shared root: your private data leaving your machine without your knowledge.
What it became
Secret Sanitizer sits quietly in your browser. When you paste into ChatGPT, Claude, Gemini, Grok, or any site you add, it scans the text against 70+ secret patterns — API keys, tokens, passwords, database URLs, private keys — and replaces matches with placeholders like [AWS_KEY_0] before the text ever touches the page. The originals go into an AES-GCM encrypted vault on your device, and when you copy the AI's answer back, Smart Restore puts the real values back in your clipboard.
The AI still gets all the context it needs. Your secrets just never make the trip.
Three principles it's built on
1. Local-first, always
Every pattern match runs in your browser. Secrets are stored in encrypted local storage. Zero bytes travel to any server — ever. Disable Wi-Fi and it still works. There is no server-side component at all, which means there is nothing to breach, subpoena, or sell.
2. Fully open source
Every line is on GitHub under MIT. No minification to hide logic, no build step that could swap in malicious code. The code you read is the code that runs, and because there is no build step you can unpack the installed extension and diff it against the repository to confirm that. For a tool that handles your secrets, "trust us" isn't good enough; "verify it yourself" is the standard.
3. Privacy by design, not policy
No analytics. No telemetry. No cookies. No sign-up. The extension has no way to phone home, because there's no home to phone. Privacy isn't a checkbox in a settings menu; it's the entire architecture.
Where it is today
Secret Sanitizer is free, MIT-licensed, and Featured on the Chrome Web Store, where Google's badge indicates it follows the store's recommended practices and the listing carries the developer's declaration that it collects no data. Given how this post started, treat the badge as a floor rather than a verdict; the source is public so you don't have to take either on faith.
If you live in AI chats and know the "did I just leak my prod key?" feeling, it was built for you. Try it, read the source, and if something could be better, open an issue or find me on X — I read everything.