Shadow AI extends PromptGuard from protecting your AI applications to protecting your employees from leaking data into the AI tools they use every day — ChatGPT, Claude, Gemini, Perplexity, Copilot, Cursor, and more.

What it does

When an employee pastes, types, or uploads sensitive content into a public AI tool, Shadow AI inspects it before it leaves the device and applies your policy:
  • Block credentials, API keys, and secrets.
  • Redact PII (SSN, email, phone, card numbers) — masked on-device so the raw value is never transmitted, while the employee still gets help.
  • Block prompt-injection / jailbreak payloads.
  • Allow normal work, untouched.
Every decision is recorded in the same PromptGuard dashboard as your gateway traffic, tagged by surface (browser / desktop / sdk / proxy) so you can see all AI activity — application and employee — in one place.
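The block / redact / allow flow above, as an added sketch that is not PromptGuard's engine or API: the regexes, the `evaluate` function and the audit fields are assumptions made for illustration, and prompt-injection detection is left out. It shows the precedence (a secret blocks the whole prompt, PII is masked before anything is sent) and an audit record that carries finding labels and the surface tag, never the raw value.

```python
import re

# Assumed detectors for illustration; a production engine uses far richer ones.
SECRETS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}
PII = {  # card is checked first so later patterns never see part of a card number
    "card": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
}

def luhn_ok(candidate):
    """Luhn checksum, so arbitrary long digit runs are not treated as cards."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def evaluate(text, surface):
    """Return (action, outbound_text, audit). Precedence: block > redact > allow."""
    audit = {"surface": surface}  # surface: browser / desktop / sdk / proxy
    audit["findings"] = [n for n, p in SECRETS.items() if p.search(text)]
    if audit["findings"]:
        audit["action"] = "block"
        return "block", None, audit  # nothing leaves the device
    masked = text
    for name, pattern in PII.items():
        def mask(m, name=name):
            if name == "card" and not luhn_ok(m.group()):
                return m.group()  # fails Luhn: not a card number, leave it
            audit["findings"].append(name)
            return f"[{name.upper()}]"
        masked = pattern.sub(mask, masked)
    audit["action"] = "redact" if audit["findings"] else "allow"
    return audit["action"], masked, audit  # audit holds labels, never raw values
```

The Luhn check is what keeps order numbers and other long digit strings from being masked as card numbers, which matters for the "allow normal work, untouched" case.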

Two capture surfaces

Desktop agent (ships today)

macOS & Windows. Inspects LLM API egress at the network layer — Cursor, IDE assistants, and SDK/API-based tools (anything calling api.openai.com, api.anthropic.com, Gemini, …).

Browser extension (roadmap)

The right surface for consumer AI web apps (ChatGPT, Claude, Gemini in the browser) + Google Search. Being rebuilt as a hardened, MDM-distributable extension; not in the current release.
The desktop agent and the browser extension share one client protocol and call the same detection engine. Adding a provider or site is a one-line change, not a new product.

How it fits the platform

Shadow AI is not a separate product — it’s additional surfaces feeding the same engine, policies, and dashboard you already use:
employees' apps ─┐
browsers ────────┤
native AI apps ──┤──▶  PromptGuard engine  ──▶  one dashboard
your LLM app ────┘      (scan / block / redact / audit)

Multi-user & deployment

  • Fleet enrollment — an admin enrolls many employees’ devices, each with a scoped, revocable credential. See Fleet Enrollment.
  • Cloud, hybrid, or air-gapped — run the engine in our cloud or entirely on your own infrastructure, with one common dashboard. See Deployment Modes.

Honest boundaries

  • Detection requires inspecting traffic, so the desktop agent terminates TLS via a certificate (user-installed today; MDM-managed / System-Extension for enterprise — see the agent page).
  • Coverage is a maintained list of AI providers and sites; new endpoints are added over time.
  • Certificate-pinned apps bypass the network proxy and are not inspected.