The first DLP built for the AI attack surface  ·  AI Manipulation & Prompt Attack Protection. Built for AI users.
PromptGuard — The browser is the new endpoint. Now it's protected.
Add to Chrome — It’s Free See all features ↓
Works on ChatGPT Claude Gemini Copilot Google AI Studio DeepSeek Kimi AI Grok Perplexity Mistral Slack Gmail Salesforce GitHub +30 more
AI Security Engine

Protection built for AI users.

Traditional DLP stops data leaving. PromptGuard also stops attacks entering — AI manipulation, prompt injections and jailbreaks, caught before any AI model sees them.

🎯
Direct Prompt Injection
Instruction overrides, system prompt replacement, safety disables. Covers 7 languages — EN, FR, ES, DE, ZH, AR, RU.
28 PATTERNS
🎭
Jailbreak & Persona Attacks
DAN, STAN, DUDE, BasedGPT, DevMode and 20+ named jailbreak personas. Roleplay bypass and uncensored mode attempts.
MULTILINGUAL
📄
Indirect & RAG Pipeline Injection
Instructions hidden in pasted documents, emails and retrieved data. Defends against RAG pipeline poisoning at the browser layer.
RAG DEFENCE
🔐
Encoding & Obfuscation Attacks
Decodes base64, hex and URL-encoding before scanning. Strips homoglyphs, zero-width chars and leetspeak used to evade detection.
PRE-DECODE SCAN
🔍
System Prompt Extraction
Catches fishing for system prompts and initial instructions. Covers "what are your instructions" and all structural variants.
PROMPT LEAKAGE
👑
Privilege Escalation & Authority Claims
"I am the admin", sudo/root/god mode, developer mode. Authority impersonation used to bypass AI guardrails.
PRIVESC
🧬
Many-Shot & Memory Injection
Fake conversation history, virtual memory injection and instruction injection via markdown blocks and HTML comments.
CONTEXT HIJACK
Multi-Step Exfiltration Chains
Staged extraction sequences, urgency signals, anti-logging requests. Steps scored cumulatively — flagged before the chain completes.
CHAIN DETECTION
☣️
Model Misuse & Weaponisation
Requests to generate phishing pages, malware, SQL injection and XSS payloads. Blocked before the AI writes the attack.
PRE-GENERATION BLOCK
AI Manipulation & Prompt Attack Detection — every keystroke · <5ms · 100% local
1
NormaliseHomoglyphs & zero-width chars stripped
2
DecodeBase64, hex & URL-encoded payloads
3
Intent AnalysisAI manipulation, persona & attack chain detection
4
Context ScanContext window reduces false positives
5
Score0–100 composite with Luhn-validated financials
Traditional DLP
Built for data at rest & transit
Sits on the network or endpoint agent
Cannot see AI prompt content
No concept of prompt injection or jailbreaks
Blind to clipboard, print and file upload vectors
Requires agent deployment, network rerouting or proxy
No RAG pipeline visibility
PromptGuard
Built for the AI-native attack surface
Lives in the browser — where AI tools actually run
Scans every prompt, paste, file upload and send event
28 prompt injection & jailbreak pattern categories
Clipboard, print, download & drag-and-drop DLP
Zero agents, proxies or network rerouting
Detects RAG poisoning at the browser layer
Full Feature Set

AI Security + Enterprise DLP. One extension.

Attack prevention, data loss protection, threat detection and compliance — all running locally in your browser. No agents, no proxies, no data leaving your machine.

🧠
AI Manipulation & Prompt Attack Protection Protect+ New
Scores the intent of every prompt before it reaches any AI model. Catches direct injection, jailbreak personas, indirect RAG attacks, encoded payloads, privilege escalation and multi-step manipulation — in 7 languages.
🔍
Real-time prompt scanning Free
As-you-type detection across all 45+ supported platforms. Risk score 0–100. Scans for PII, secrets, financial data, company confidentials and attack patterns simultaneously.
📋
Clipboard protection Protect
Intercepts paste and copy events in real time. Detects sensitive data before it enters any AI tool. The only extension scanning both the prompt input and the clipboard event stream.
📎
File upload inspection Protect
Scans 20+ file types on input change and drag-and-drop — including txt, csv, json, js, py, sql and best-effort PDF/DOCX extraction. Warns before the file reaches the AI model.
🖨
Print interception Protect
Fires on Ctrl+P and window.print(). Scans page content for sensitive data before it exits the browser — a last-mile DLP capability no API proxy can provide.
⚠️
Malware inspection New Protect
Detects malware filenames, encoded payloads, reverse shell patterns, dropper language, registry persistence hints and binary obfuscation in prompts and file uploads.
🎣
Phishing & URL protection New Protect
Flags credential harvesting language, brand impersonation typosquats, URL shorteners, homoglyph domains and phishing kit terminology before they reach an AI tool.
🤖
Fake CAPTCHA detection New Protect
Stops ClickFix attacks that trick users into pasting malicious commands. Detects "press Win+R", clipboard payload delivery and social-engineering CAPTCHA bypass language.
🎯
Adaptive risk policy New Protect+
Elevates risk scores based on contextual signals: urgency cues, secrecy requests, authority impersonation, evasion attempts and multi-step exfiltration chains.
🔌
BYOMCP Integrations New Enforce
Forward detection events to any MCP server, SIEM or webhook. Supports Splunk, Datadog, Microsoft Sentinel, Slack, MS Teams. Formats: JSON, CEF, LEEF, OCSF 1.1, custom.
🧠
AI Model Blocker New Enforce
Blocks Chrome Gemini Nano, WebNN local ML inference and Transformers.js/ONNX model loads. Prevents sites from silently downloading gigabytes of model weights to your device.
📊
Risk analytics & heatmap Protect+
7×24 detection heatmap, 7-day trend analytics, detection source breakdown and 250-event searchable log — all stored locally in your browser.
📤
SIEM & compliance exports Enforce
Export structured JSON for Splunk, Datadog or Microsoft Sentinel. Pre-formatted HIPAA, GDPR and PCI-DSS compliance snapshots generated locally for audit evidence.
How it works

Three steps. Thirty seconds.

No agents. No proxies. No network rerouting. Just a Chrome extension doing the heavy lifting locally.

01
Install from the Chrome Web Store
One click. No account required for the free Detect tier. The extension injects a lightweight content script into your supported sites — nothing else.
02
PromptGuard scans as you type
Every keystroke, paste, file selection and send button click is evaluated locally against 26 compliance frameworks and all enabled threat modules. Nothing is transmitted.
03
Warn, block, or forward
The floating widget shows your risk score in real time. High-risk prompts trigger an advisory (free tier) or enforcement overlay (paid). Enforce tier forwards events to your SIEM.
Compliance & AI Threat Coverage

23 frameworks + 9 AI attack categories.

10 core DLP packs always on. 16 regional compliance frameworks. 9 AI attack & manipulation categories. All running locally — more coverage than any network DLP or CASB solution.

🧠 Direct Injection 🎭 Jailbreak Personas 📄 RAG Injection 🔐 Encoding Attacks 🔍 Prompt Extraction 👑 Privilege Escalation 🧬 Memory Injection ⛓ Exfiltration Chains ☣️ Model Weaponisation
🌐
PCI-DSS
Global
🌐
Global PII
Global
🌐
Secrets & API keys
Global
🇺🇸
HIPAA
United States
🇪🇺
GDPR
European Union
🇬🇧
UK ICO / DPA 2018
United Kingdom
🇩🇪
BDSG
Germany
🇫🇷
CNIL
France
🇨🇦
PIPEDA
Canada
🇧🇷
LGPD
Brazil
🇦🇺
Privacy Act
Australia
🇮🇳
DPDPA 2023
India
🌏
PDPA
Singapore / APAC
🇰🇷
PIPA
South Korea
🇯🇵
APPI
Japan
🇦🇪
UAE PDPL
UAE
🇿🇦
POPIA
South Africa
🇳🇬
NDPR
Nigeria
🇰🇪
DPA 2019
Kenya
Pricing

Start free. Scale when you need to.

No sales call required. All plans include 100% local processing and zero data transmission.

Monthly Annual Save up to 33%
Detect
$0/mo
For individuals who want prompt awareness
  • Real-time prompt scanning
  • 10 core detection packs
  • Risk score 0–100
  • Floating risk widget
  • Educational coaching overlay
  • All 45+ AI platforms
  • Attachment / clipboard / print DLP
  • Malware & phishing detection
  • Adaptive risk policy
  • BYOMCP integrations
Add to Chrome — Free
Protect
$9/mo
For professionals who need real enforcement
  • Everything in Detect
  • DLP
  • Block high-risk prompts
  • Attachment inspection (20+ types)
  • Clipboard, print & download DLP
  • 26 compliance frameworks
  • Threat Detection
  • Malware inspection
  • Phishing & URL protection
  • Fake CAPTCHA / ClickFix
Protect+
$19/mo
For power users and security-conscious teams
  • Everything in Protect
  • AI Security
  • AI manipulation & prompt attack protection
  • 9 AI attack & manipulation categories
  • Advanced Detection
  • Adaptive risk policy
  • Risk heatmap (7×24)
  • 7-day trend analytics
  • Reporting
  • 250-event searchable log
  • CSV export
  • BYOMCP integrations
  • SIEM JSON export
Enforce
$120/mo
10 seats — $12/seat/mo
For security teams and regulated enterprises. Includes Admin Console and org-wide policy management.
  • Everything in Protect+
  • AI Security
  • AI manipulation & prompt attack protection
  • AI jailbreak & persona attack detection
  • End-to-end AI RAG pipeline protection COMING SOON
  • ↳ Inbound & outbound — prompt, retrieval & response layers
  • Integrations
  • BYOMCP — 8 destinations
  • Splunk, Datadog, Sentinel
  • CEF, LEEF, OCSF 1.1 formats
  • RAG pipeline events to SIEM COMING SOON
  • Enterprise
  • Admin Console & org policy
  • AI model blocker
  • User seat management
  • Compliance
  • SIEM JSON export
  • HIPAA / GDPR / PCI snapshots
Choose your seat count
Seats Monthly Annual Per seat/yr
1 – 10 $120/mo $1,000/yr Save 31% $100
11 – 25 $250/mo $2,075/yr Save 31% $83
26 – 50 $400/mo $3,350/yr Save 30% $67
51 – 100 $600/mo $5,000/yr Save 31% $50
101 – 250 $1,250/mo $10,000/yr Save 33% $40
250+ seats Contact us →
All Enforce plans include Admin Console, org-wide policy, user seat management, SIEM integrations, and HIPAA / GDPR / PCI compliance snapshots. No per-user setup. 100% local processing.