> ## Documentation Index
> Fetch the complete documentation index at: https://docs.promptguard.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Browser Extension

> A roadmap enhancement for AI web apps — in-page coaching before you hit send. You don’t need it today: the desktop agent already covers the browser.

<Note>
  **You don't need this to protect the browser today.** The
  [desktop agent](/shadow-ai/desktop-agent) already covers ChatGPT and Claude in
  the browser by inspecting network traffic. This extension is a planned
  *enhancement* on top — it isn't in the current release.
</Note>

## What's covered now vs. what this adds

| Your team uses…                                                                          | Today            |
| ---------------------------------------------------------------------------------------- | ---------------- |
| Cursor, IDE assistants, SDK/API tools                                                    | ✅ Desktop agent  |
| ChatGPT / Claude in the browser                                                          | ✅ Desktop agent  |
| Gemini in the browser                                                                    | ⏳ Roadmap        |
| In-page coaching before send · no certificate to install · resilience to web-app changes | ⏳ This extension |

## Why build an extension if the agent already covers the browser?

Three things the desktop agent can't do from the network layer:

<CardGroup cols={3}>
  <Card title="Coach before send" icon="comment">
    Warn the employee *as they type or paste*, instead of after the request is
    already blocked.
  </Card>

  <Card title="No certificate needed" icon="certificate">
    Works in locked-down environments where you can't install a system
    certificate or proxy.
  </Card>

  <Card title="Survives app changes" icon="arrows-rotate">
    Reads the page directly, so it keeps working when an AI web app changes its
    internal API.
  </Card>
</CardGroup>

## What it will do

When released, the extension runs inside the page and catches sensitive content
at the moment it would leave — the right place to stop a leak:

* **Paste** — the classic exfil move (dropping a customer table into Claude).
* **Submit** — the Enter key or the site's Send button.
* **File upload** — reads text and PDF attachments before they upload.

On a block or redact it shows a clear overlay with the reason, a confidence
score, and an audit reference; for redaction it offers a masked, safe version to
send instead. Detection runs in the same PromptGuard engine — the only thing
done in the browser is the masking itself. It enforces at paste / submit /
upload and **does not key-log**.

## How it will ship

Chromium browsers first (Chrome, Edge, Brave, Arc), then Firefox and Safari. For
rollout, you'll **force-install it via Chrome/Edge Enterprise policy (MDM)** so
it can't be quietly disabled, pointed at your engine (cloud or self-hosted) with
a device credential from [fleet enrollment](/shadow-ai/fleet-enrollment).

<Card title="Cover the browser today with the desktop agent" icon="desktop" href="/shadow-ai/desktop-agent">
  Install it now — ChatGPT and Claude in the browser are protected out of the box.
</Card>
