Browser-native AI data protection

Stop sensitive data before it reaches AI tools.

Every day, people paste API keys, customer data, and contracts into AI tools to get work done. InputGuard catches sensitive data in the browser — at paste and submit — before it ever leaves.

Join early access See how it works

The Chrome extension is launching soon. Join early access to use it free as an individual, or set up your organization now and roll it out the moment it’s published.

Free for individuals
Local-first scanning
Browser-native AI DLP
Chrome Web Store launch coming soon

app.aitool.com/chat

Protected

Can you review this onboarding script and clean up the config?

Here is the deploy key we use in prod: AKIA••••••••EXAMPLE

Press Enter to send

Sensitive data detected before submit

1 credential found · AWS access key. Your organization policy requires redaction.

Redact & continueCancel

Coverage

Supported AI applications

InputGuard protects the AI applications your team already uses.

ChatGPT
Claude
Google Gemini
Perplexity
Microsoft Copilot
Grok
DeepSeek
Qwen Chat
Kimi
Mistral Le Chat
Poe
Lovable

Additional AI applications are added regularly.

Don’t see an application you need? Contact us and we’ll prioritize adding it.

The gap

AI created a new way for data to leave.

Traditional Data Loss Prevention was built for files, email, and the network. AI added a browser prompt box where sensitive data can leave through normal work.

Someone at work

Pastes a log, drafts a prompt, attaches a file

AI tool in the browser

Where the prompt is actually written

InputGuard checks here

On-device, at the browser's edge

External AI service

Outside your control once it leaves

Email, file transfers, and network traffic already have controls. The prompt box is the one path that didn't — so InputGuard guards it at the last point you still own: the browser.

Most AI incidents don't start with the model. They start with someone pasting something they shouldn't.

Sound familiar?

None of this is reckless. It's just the work.

These are the everyday tasks people hand to AI. The sensitive part rides along — usually without anyone meaning to send it.

Debugging a deploy

“Why does this keep failing in prod?” — pasted with AWS_SECRET=AKIA…EXAMPLE still in the config.

Summarizing a customer export

“Pull the top accounts from this CSV” — rows include jordan@acme.com and 4111 1111 1111 1111.

Redrafting a contract

“Tighten this clause” — between Acme Corp and Initech LLC on Project Atlas.

Cleaning an employee spreadsheet

“Rank these reports by tenure” — one row reads Dana Lee · SSN 502-44-1990.

Drafting a support reply

“Write a response to this ticket” — the customer left (415) 555-0148 in the thread.

InputGuard catches each of these in place — and lets the person fix it before it sends.

How it works

Protection at the moment data is submitted.

InputGuard runs as a browser extension on the AI sites you protect. Every check happens before content is sent, extending DLP controls to the place prompts are written.

Detect

Paste, prompt text, and text attachments are scanned in the browser for credentials, PII, and business-sensitive terms.

Decide

Site policy picks the response — review, redact, require a reason, or block — based on what was found and where.

Stay local

Detection runs on the device. Prompt content is never uploaded; audit records keep only privacy-safe metadata.

Policy actions

You choose what happens when something is found.

One local detection, four levels of response — tuned per site, so protection matches the risk instead of blocking everything.

Review

Let people review flagged content before it's sent.

Require redaction

Strip the sensitive value, send the rest.

Require justification

Ask for a business reason before sharing.

Block

Stop protected content from leaving the browser.

See each response in detail

Built for both

Use it yourself. Manage it for your team.

The extension is free for individuals to run on their own browser. Organizations add AI Data Loss Prevention policy, deployment, and audit management with per-device pricing — same engine either way.

Individuals

Protect your own AI usage

Free

Free for individuals. Set your preferences and keep working — no account, nothing to configure on a server.

Coming soon to the Chrome Web Store
Local paste, prompt, and attachment scanning
Your settings stay on your device

InputGuard

AI data protection

Current site

app.aitool.comProtected

Protection

Paste protection: On
Prompt scan: On
Text attachments: On

No pasted content is uploaded or stored.

Organizations

Roll it out and manage centrally

Per-device pricing

Add the admin portal to deploy policy, manage enrollment, and review privacy-safe audit activity from one place — billed per active device.

Central policy rollout and updates
Device enrollment and inventory
Metadata-only audit visibility

portal.inputguard.com

Dashboard

Last 7 days · metadata only

All devices

Protected devices

248

+12 this week

Events · 7 days

1,204

metadata only

Redactions

318

values stripped

Events this week

MTWTFSS

Outcomes

Redacted318
Warned204
Blocked57
Allowed625

No prompt text or sensitive values are stored — only the metadata above.

Browser-native AI DLPLocal detectionNo prompt collection

Make AI usage safe to allow.

Join early access for individual use, or set up managed deployment for your whole organization.

Join early access View organization plans