Your team pastes code, customer records, and credentials into AI tools every day. Shadow AI inspects that content on the employee’s own device, the moment before it’s sent — and blocks, redacts, or allows it according to your policy. Nothing sensitive leaves the machine to be checked. It’s the same PromptGuard engine, policies, and dashboard you already use for your own apps — now watching the AI tools your employees use, too.

How it works

Every paste, prompt, or upload to a known AI tool gets one verdict, in milliseconds:

Block — secrets

API keys, cloud credentials, and tokens never leave the device.
AWS_SECRET=… → stopped.

Redact — PII

Emails, phone numbers, SSNs, and card numbers are masked on-device, so the employee still gets help and the raw value is never transmitted.
jane@acme.co → [EMAIL].

Block — attacks

Prompt-injection and jailbreak payloads are caught before they’re sent.

Allow — real work

Everything else passes through untouched, with zero added friction.
Every verdict lands in your PromptGuard dashboard, tagged by surface (desktop · browser · sdk · proxy) — so application traffic and employee traffic show up in one audit trail.

Get started

Quickstart — protect one machine

Install, connect, and see your first block in about five minutes (macOS & Windows). One agent covers both AI APIs (Cursor, IDE assistants) and the AI web apps in the browser (ChatGPT, Claude) — no extension needed.

Roll it out to your fleet

Enroll many devices under one org, each with a scoped, individually revocable credential — and see the whole fleet in one place.

One engine, every surface

Shadow AI isn’t a separate product. It adds more places we watch, all feeding the same detection engine, the same policies, and the same dashboard:

Your apps

Gateway & SDK traffic

Your team

Desktop agent + browser

One dashboard

Scan · block · redact · audit
Adding a new provider or site is a one-line change — not a new product to learn or deploy.

Run it your way

Cloud, hybrid (your engine + our dashboard), or fully air-gapped — same dashboard, switched with a single setting.

What Shadow AI does — and doesn’t

We’d rather be upfront than over-promise:
Detection requires reading the request, so the agent terminates TLS using a certificate it installs on the device — user-approved for individuals, or MDM-managed for enterprise fleets. Content is inspected locally; only the verdict and masked metadata are logged.
We watch a curated, growing set of AI providers and web apps. New endpoints are added over time; a tool we don’t yet recognize passes through untouched.
A few apps pin their own certificate and bypass any inspection proxy. Those are out of scope by design — we never silently fail open on a tool we do cover.