Privacy policy for AI Firewall
AI Firewall by Daniel Goldberg
AI Firewall Browser Extension - Privacy Policy
Last updated: 2026-06-13
The AI Firewall browser extension inspects the prompts you are about to send to
AI services so it can warn you about, redact, or block secrets and personal
information before they leave your browser.
What the extension accesses
- The text you submit on supported AI sites (e.g. ChatGPT, Claude, Gemini,
Copilot, Perplexity). It is read at submit time only, to be checked.
- The destination hostname of the AI request (e.g. api.openai.com).
- Local extension settings you set (proxy URL, fail mode, and - if your
organization uses it - a fleet server URL and token), stored via
chrome.storage.
Where your data goes
- By default, nowhere external. Prompt text is sent only to the local AI
Firewall proxy on your own machine (http://127.0.0.1:8080) for inspection.
The proxy returns a decision (allow / warn / redact / block); the extension
acts on it locally. No prompt content is sent to the extension author or any
third party.
- Optional organization fleet (opt-in only). If your organization configures
a fleet server URL + token (via managed policy, or you enter them in the
options page and grant access), the extension may send decision metadata
only - timestamp, destination host, the AI service name, the
allow/warn/redact/block decision, and the detector category. It never sends
your prompt text or any matched secret in this channel. This is used so your
organization can see which AI services are in use and enforce policy. It is
off unless your organization turns it on.
What is stored locally
- Your settings (proxy URL, fail mode, optional fleet URL/token).
- Rolling counts of your own decisions (how many were allowed/warned/redacted/
blocked, and per-service totals) to power the popup dashboard. These counts
stay in your browser and are not transmitted.
What we do NOT do
- No analytics, tracking, advertising, or fingerprinting.
- No transmission of prompt content or secrets to the extension author.
- No remote code: the extension ships all its code in the package.
Permissions, briefly
- Host access to AI sites: to read the prompt at submit time and enforce the
decision on those sites.
- Host access to 127.0.0.1: to reach your local inspector proxy.
- storage: to keep your settings and local counts.
- declarativeNetRequest: to block requests to AI hosts at the network layer
when you choose fail-closed mode and the proxy is unreachable.
- Optional host access (requested only if you enable a fleet server): to
send decision metadata to your organization's server.
Contact
Questions: open an issue at the project homepage.