🛡️ Inspiration

We noticed a massive security blind spot in the AI era: developers and users are constantly copy-pasting code, logs, and environment variables into AI chatbots (ChatGPT, Claude, Gemini) for debugging. One accidental paste of an AWS key, GitHub token, or credit card can lead to a catastrophic breach. Existing Data Loss Prevention (DLP) tools are enterprise-heavy, cloud-based, and ironically, require sending your data to a third-party server to check if it's sensitive. We wanted to build a "security bodyguard" that stops the leak before it leaves the browser.

🚀 What it does

ShadowGuard AI is a Chrome extension that intercepts paste events and keystrokes, running a 100% local, synchronous regex and heuristic engine to detect PII and secrets. If a leak is detected, it instantly blocks the paste and flashes a red overlay. It also features a real-time WebSocket dashboard that visualizes live threats and scans your other installed Chrome extensions for dangerous permission combinations.

🛠️ How we built it

  • Extension (Phase 1): Built with React, TypeScript, and Manifest V3. We used capture-phase event listeners to synchronously block pastes without relying on heavy MutationObservers.
  • Detection Engine: We implemented a comprehensive pattern-matching library. To avoid false positives (e.g., flagging a 16-digit order ID as a credit card), we wrote a synchronous Luhn algorithm check directly in the content script.
  • Backend & Dashboard (Phase 2): Built a FastAPI backend with WebSockets. The React dashboard visualizes live threats and historical charts using Recharts.
  • Zero-Trust Architecture: We designed the system so that no raw data ever leaves the browser. Even when the backend receives telemetry, it only receives heavily masked metadata (e.g., AKIA****MPLE).
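
The detection and masking steps from the list above, as an added TypeScript example that is not ShadowGuard's own code. The two patterns, the function names, and applying the `AKIA****MPLE`-style mask to card numbers are assumptions.

```typescript
// Added example (assumed names and patterns): local scan, Luhn filter, masked findings.
type Finding = { kind: "aws_access_key_id" | "card_number"; masked: string };

// AWS access key IDs: "AKIA" followed by 16 uppercase alphanumerics.
const AWS_KEY_RE = /\bAKIA[0-9A-Z]{16}\b/g;
// Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
const CARD_RE = /\b\d(?:[ -]?\d){12,18}\b/g;

// Luhn checksum: from the right, double every second digit; the sum must end in 0.
function luhnValid(digits: string): boolean {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return digits.length > 0 && sum % 10 === 0;
}

// Keep only the first and last four characters, e.g. AKIA****MPLE.
function mask(secret: string): string {
  return secret.slice(0, 4) + "****" + secret.slice(-4);
}

// Returns masked findings only; the raw matches never leave this function.
function scan(text: string): Finding[] {
  const findings: Finding[] = [];
  for (const m of text.match(AWS_KEY_RE) ?? []) {
    findings.push({ kind: "aws_access_key_id", masked: mask(m) });
  }
  for (const m of text.match(CARD_RE) ?? []) {
    const digits = m.replace(/[ -]/g, "");
    if (luhnValid(digits)) findings.push({ kind: "card_number", masked: mask(digits) });
  }
  return findings;
}

// Browser only: a capture-phase listener runs before the page's own paste handlers.
const doc = (globalThis as any).document;
if (doc) {
  doc.addEventListener("paste", (e: any) => {
    const text: string = e.clipboardData?.getData("text/plain") ?? "";
    if (scan(text).length > 0) { e.preventDefault(); e.stopImmediatePropagation(); }
  }, true); // true = capture phase
}
```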

🚧 Challenges & Accomplishments

  • Regex vs. False Positives: Implementing the Luhn check in the browser was a massive win for the demo, as it mathematically guarantees we only flag valid credit cards.
  • Manifest V3 Limitations: Adapting to the new service worker lifecycle in MV3 while maintaining real-time WebSocket connections to the dashboard required careful state management.
  • Accomplishments: We are incredibly proud of the synchronous paste-blocking mechanism. It works flawlessly on complex, dynamically injected React inputs (like ChatGPT's textarea) with zero latency.

🧠 What we learned

We deep-dived into Chrome Extension Manifest V3 architecture, capture-phase event delegation, and designing zero-trust data pipelines where the backend is treated as an untrusted entity that only receives sanitized metadata.
