Inspiration
In 2023, a Samsung engineer accidentally pasted confidential source code into ChatGPT. That data became part of the model’s training pipeline permanently. Today, millions of users paste contracts, medical records, API keys, financial data, and internal company documents into AI chatbots without realizing that every prompt is sent to external servers they do not control. We asked a simple question: what if you could use powerful cloud AI without ever exposing your real data? That question became Aegis AI.
What It Does
Aegis AI is a privacy-first AI interface that sanitizes sensitive data locally before it reaches cloud LLM providers. When a user submits a prompt, a lightweight local model runs entirely on the device and detects sensitive information such as names, addresses, bank accounts, API keys, credentials, and financial data. This information is replaced with secure placeholders before the prompt is sent to cloud models like Gemini or Claude. The cloud AI generates a response using only the placeholders. Aegis then reconstructs the original data locally so that the user sees the full, correct answer, while the cloud model never had access to the real confidential information.
How We Built It
Aegis is built around a privacy-first, on-device sanitization pipeline designed for accuracy, performance, and auditability. Instead of relying on a single detection mechanism, we implemented a layered architecture that combines deterministic pattern recognition with local language model inference.
First, a rule-based extraction layer detects structured sensitive data such as emails, IBAN numbers, API keys, JWT tokens, database connection strings, and other credential formats using optimized regex and contextual pattern matching. This ensures high precision for well-defined technical secrets and compliance-sensitive identifiers.
Second, we integrated a lightweight on-device LLM to detect unstructured personally identifiable information, including names, company references, addresses, and financial entities that cannot be reliably captured with static rules. Running this model locally ensures that raw input text never leaves the user’s machine before sanitization.
Third, we implemented context-aware key–value detection to identify sensitive configuration patterns (e.g., environment variables, authentication headers, secret assignments) even when they do not strictly match predefined formats.
Only after this full local sanitization pipeline completes is the redacted prompt transmitted to external LLM providers such as Gemini or Claude. The system then reconstructs the original data locally once the AI response is returned.
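The rule-based layer and the placeholder round trip described above, as an added example (not Aegis's own code). The regexes, the `[[TYPE_n]]` placeholder format, and the sample prompt are assumptions made for illustration, and the on-device LLM layer is left out.

```javascript
// Added illustration, not Aegis's code: patterns and placeholder format are assumed.
// Constructed sample prompt (the IBAN is the public German example number).
const SAMPLE = "Debug this: PAYMENT_API_KEY=demo_4f9a2c71 fails for alice@example.com. Refund to DE89 3704 0044 0532 0130 00, cc alice@example.com. Order ref AB12 3456 7890 is not an IBAN.";

// ISO 13616 mod-97 checksum keeps the IBAN rule from firing on lookalikes.
function ibanValid(raw) {
  const s = raw.replace(/ /g, "");
  const digits = (s.slice(4) + s.slice(0, 4))
    .replace(/[A-Z]/g, (c) => String(c.charCodeAt(0) - 55));
  return BigInt(digits) % 97n === 1n;
}

const RULES = [
  // Key/value context: redact only the assigned value (capture group 1).
  { type: "SECRET", re: /\b\w*(?:SECRET|TOKEN|PASSWORD|API_KEY)\w*\s*[=:]\s*["']?([^\s"']+)/gi, valueGroup: true },
  { type: "JWT", re: /\beyJ[\w-]+\.[\w-]+\.[\w-]+/g },
  { type: "EMAIL", re: /\b[\w.%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g },
  { type: "IBAN", re: /\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7}(?: ?[A-Z0-9]{1,3})?\b/g, check: ibanValid },
];

function sanitize(prompt) {
  const byValue = new Map(); // real value -> placeholder, so repeats stay consistent
  const vault = new Map();   // placeholder -> real value, kept on the device only
  const counters = {};
  const placeholderFor = (type, value) => {
    if (!byValue.has(value)) {
      counters[type] = (counters[type] || 0) + 1;
      const ph = `[[${type}_${counters[type]}]]`;
      byValue.set(value, ph);
      vault.set(ph, value);
    }
    return byValue.get(value);
  };
  let text = prompt;
  for (const rule of RULES) {
    text = text.replace(rule.re, (match, g1) => {
      const value = rule.valueGroup ? g1 : match;
      if (rule.check && !rule.check(value)) return match; // failed validation: keep text
      return match.slice(0, match.length - value.length) + placeholderFor(rule.type, value);
    });
  }
  return { sanitized: text, vault };
}

// Runs locally on the cloud model's reply; unknown placeholders are left untouched.
function restore(reply, vault) {
  return reply.replace(/\[\[[A-Z]+_\d+\]\]/g, (ph) => vault.get(ph) ?? ph);
}
```

Only `sanitized` would be sent to the provider. The `vault` map holds the real values, so anything that stores or displays it needs the same protection as the original prompt.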
The architecture is modular and model-agnostic. The frontend is built as a modern web client interface, connected to an Express-based backend that manages processing flow, model routing, and state synchronization. We also implemented a transparency layer that allows users to inspect the full privacy pipeline — original prompt, sanitized version, AI response, and reconstructed output — creating auditability and user trust.
This is not a theoretical prototype; it is a fully working privacy middleware between users and cloud AI systems.
Challenges
The main challenge was balancing detection accuracy, performance, and user trust. Local AI processing introduces additional latency, but we optimized the pipeline to add only a few seconds of overhead, a reasonable trade-off for enterprise-grade privacy protection. Ensuring that sensitive information is detected without over-sanitizing normal text required careful tuning of both pattern recognition and local model behavior.
Real-World Impact
Every organization integrating AI faces compliance and data leakage risks. Legal firms, healthcare providers, financial institutions, and enterprises using internal AI copilots must ensure that proprietary or regulated information does not leave their control.
Aegis acts as a privacy gateway between users and cloud AI systems, enabling companies to safely adopt advanced AI capabilities without exposing confidential data. Rather than replacing cloud AI, Aegis makes it usable in regulated and high-stakes environments.
Startup Potential
The rapid adoption of AI across organizations has created a growing compliance and data exposure risk. Many companies are currently restricting or banning public AI tools internally because employees unintentionally paste confidential information into external models. This creates a clear tension: companies want the productivity benefits of AI, but they fear regulatory and reputational risk.
Aegis resolves this tension by acting as a privacy gateway between users and cloud LLM providers. Instead of blocking AI usage, it enables secure AI adoption. For regulated industries such as healthcare, finance, legal services, and enterprise SaaS, even a single data leakage incident can result in severe financial penalties, contractual liability, and long-term reputational damage. By ensuring that raw sensitive data never reaches external AI systems, Aegis reduces that exposure significantly.
The product has a dual-market opportunity. For enterprises (B2B), Aegis can be deployed as a secure AI middleware layer integrated into internal copilots, Slack bots, knowledge systems, and AI-assisted workflows. For individuals and small teams, it can be used as a standalone privacy-first AI client or as a Chrome extension that intercepts prompts in real time across any AI chatbot. This flexibility allows Aegis to serve both regulated corporations and privacy-conscious professionals.
From a productivity standpoint, secure AI adoption can unlock measurable efficiency gains. Teams can safely use AI for document summarization, contract analysis, internal reporting, and automation without compliance restrictions. Instead of banning AI tools, organizations can safely scale them.
In terms of monetization, Aegis follows a layered revenue model. For enterprises, it can operate as a SaaS subscription priced per seat or per API volume, similar to existing enterprise AI platforms. For individuals, a freemium model can provide basic sanitization features for free, with advanced detection layers, compliance logging, and multi-model support available under a paid subscription. For Chrome extension users, a tiered subscription model with enhanced detection accuracy and enterprise-grade encryption can provide recurring revenue. Over time, Aegis can evolve into a privacy compliance infrastructure layer for AI-native organizations.
Built With
- anthropic-claude-api
- api
- context-aware-key-value-extraction
- express.js
- firebase
- firestore-(real-time-state-management)
- gemma-3-(local-on-device-model)
- google-gemini-api
- node.js
- python
- react-(web-client)
- regex-based-pattern-detection-engine
- restful
- typescript
