LeakSnitch Documentation

Protect your data, everywhere you prompt. (And look good doing it.)

What is LeakSnitch?

LeakSnitch is a Chrome extension designed to detect, block, and redact sensitive data leaks in AI prompts (e.g., ChatGPT, Bard, Claude, and other LLMs). It acts as a Data Loss Prevention (DLP) tool for both developers and non-developers, protecting against accidental or malicious sharing of secrets, PII, financial, and internal data.

Key Features

  • Context-aware detection engine: Uses advanced regex, context, and scoring to identify sensitive data.
  • Covers a wide range of data types: API keys, passwords, tokens, PII (Aadhaar, PAN, credit cards, phone numbers, emails), financial, medical, internal URLs, and more.
  • Scoring system: Each detection is scored. Actions:
    • Score ≥ 90: Block
    • Score 70–89: Warn
    • Score < 70: Allow
    • Strict mode: Block at ≥ 70
  • Redact Mode: Replace only the sensitive value with REDACTED instead of blocking the whole prompt.
  • False positive reduction: Dummy/test/sample values are whitelisted. Assignment patterns only block when a real value is present.
  • Webhook logging: All detections can be sent to a webhook for audit/compliance.
  • Profiles: Save and switch between different detection/whitelist settings.
  • Whitelist management: Domains, IPs, and patterns can be whitelisted.
  • Comprehensive UI: Modern, tabbed interface with quick status, logs, stats, and settings.

Detection Types

LeakSnitch detects and blocks or redacts:

  • API keys (AWS, Google, Slack, Stripe, OpenAI, HuggingFace, Anthropic, etc.)
  • Passwords, tokens, session cookies
  • .env file contents
  • Aadhaar (with Verhoeff validation)
  • Credit cards (Luhn check)
  • PAN (India)
  • Phone numbers (IN/US)
  • Emails
  • SaaS admin URLs, internal docs, internal URLs
  • Bank account/IFSC, UPI IDs (with bank handle whitelist)
  • Analytics IDs, employee/customer IDs
  • S3/GCS paths
  • Medical, student, invoice, tax data
  • Slack channels, auth headers
  • Browser fingerprint data
  • DevOps configs
  • PayTM/PhonePe QR links
  • Insurance policy numbers
  • GPS coordinates, addresses

How Detection, Blocking, Warning, and Redaction Work

  • Detection: LeakSnitch scans prompts for sensitive patterns using regex and context.
  • Scoring: Each match is scored for confidence.
  • Actions:
    • Block: If score ≥ 90 (or ≥ 70 in strict mode), the prompt is blocked and not sent.
    • Warn: If score 70–89, user is warned before sending.
    • Allow: If score < 70, prompt is allowed.
    • Redact Mode: If enabled, only the sensitive value is replaced with REDACTED (not the whole prompt).
  • Assignment patterns: Only block if a real value is present (not just the keyword).
  • False positives: Dummy/test/sample values are always allowed.

Redact Mode

  • When enabled, only the detected sensitive value is replaced with REDACTED.
  • The rest of the prompt/code is preserved.
  • Regexes ensure only the value is redacted, not the whole assignment or line.
  • Works for all detection types, including phone numbers, assignments, and more.

Webhook Logging

  • All detections (blocked, warned, allowed) can be sent to a webhook for audit/compliance.
  • Webhook requests are sent from the background script to avoid CORS issues.
  • Use a CORS-friendly endpoint for testing.

Profiles and Settings

  • Save and switch between different detection/whitelist settings.
  • Each profile stores its own keywords, patterns, whitelists, and settings.
  • Default profile is always available.

Whitelist Management

  • Whitelist by domain, IP address, or pattern.
  • Whitelisted items are never blocked or redacted.
  • Manage whitelists in the Detection tab.

UI/UX Overview

  • Tabbed interface: Home, Detection, Profiles, Stats, Logs, Settings.
  • Quick Status: See monitoring/redact status, last detection, today's stats.
  • Detection tab: Manage keywords, custom patterns, whitelists.
  • Profiles tab: Save, switch, import/export profiles.
  • Stats tab: View detection statistics, time-based analysis.
  • Logs tab: See recent detection logs.
  • Settings tab: Webhook, about/help.

Example Prompts: What Will Be Blocked, Warned, or Allowed

Blocked (Score ≥ 90)

  • "My AWS key is AKIAIOSFODNN7EXAMPLE"
  • "Aadhaar: 1234 5678 9123"
  • "Credit card: 4111 1111 1111 1111"
  • "My PAN is ABCDE1234F"
  • "Session cookie: sessionid=abc123xyz"
  • ".env: OPENAI_API_KEY=sk-abc123..."
  • "UPI: 9876543210@okhdfcbank"
  • "Internal doc: https://internal.corp.com/docs/secret"
  • "Slack token: xoxb-1234567890-abcdef"
  • "Patient ID: 1234567890123456"

Warned (Score 70–89)

  • "My phone number is 9876543210"
  • "Contact: john.doe@example.com"
  • "Bank IFSC: HDFC0001234"
  • "Employee ID: EMP123456"
  • "Analytics ID: UA-12345678-1"
  • "S3 path: s3://mybucket/private"
  • "Invoice number: INV-2023-0001"

Allowed (Score < 70)

  • "This is a test key: test1234"
  • "Sample email: dummy@example.com"
  • "My favorite number is 42"
  • "Contact: support@company.com (public info)"
  • "UPI: test@okaxis"
  • "Random string: abcdefghijklmnop"

FAQ & Troubleshooting

  • Why was my prompt blocked? It matched a sensitive pattern with a high confidence score. See the log for details.
  • How do I allow a specific value? Add it to the whitelist (domain, IP, or pattern).
  • Why is Redact Mode not replacing the whole line? Only the sensitive value is redacted, not the whole prompt/code.
  • Webhook not working? Make sure your endpoint supports CORS and is reachable from the browser.
  • How do I reset everything? Use the Profiles tab to switch to Default or create a new profile.

Support & Feedback

LeakSnitch: Protect your data, everywhere you prompt. 🚨