{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifpdhfq6cih22l47sptfizxskdotuj4zj2xczwa722wqofxwoywwq",
    "uri": "at://did:plc:lk3jfj3zq4k4wxnk474axylu/app.bsky.feed.post/3mk3mu5g3dl52"
  },
  "path": "/t/client-side-secret-redaction-for-llm-prompts-leakguard-mvp/1379525#post_1",
  "publishedAt": "2026-04-22T13:25:50.000Z",
  "site": "https://community.openai.com",
  "textContent": "I’ve been working on a Chrome extension that acts as a client-side privacy layer for LLM usage.\n\nThe idea:\nDetect likely secrets in the prompt before it’s sent, replace them with local placeholders (e.g. [PWM_1]), and ensure only redacted data leaves the browser.\n\nWhat’s currently working:\n\n  * deterministic mapping (same secret → same placeholder)\n\n  * idempotent behavior (already-redacted input stays unchanged)\n\n  * mixed input handling (raw + placeholder in same prompt)\n\n  * detection of common patterns (API keys, tokens, JWTs, connection strings, etc.)\n\n  * verified via DevTools that outbound payloads contain only placeholders\n\n\n\n\nThis is not meant to be “perfect security,” but a safety layer to reduce accidental leakage during day-to-day LLM usage.\n\nWhat I’m looking for:\n\n  * where would you try to break this?\n\n  * what edge cases am I missing?\n\n  * how would you approach unknown secret detection (entropy vs context)?\n\n\n\n\nRepo: you can find it in github with name LeakGuard",
  "title": "Client-side secret redaction for LLM prompts (LeakGuard MVP)"
}