The one-stop browser-based DLP extension to stop users from sharing sensitive information with chatGPT.
Since OpenAI does admits that they can use our data to train their models, the looming threat of secret leakge as part of user prompts had to be addressed. While OpenAI does take steps to reduce the amount of personal information going into their training datasets, no individual or organization would want their secret keys or tokens to be a part of the training data. This is a major issue for companies whose teams largely depend on ChatGPT for their day-to-day work and could be passing sensitive data as part of their prompts.
Introducing leakyGPT, a browser-based DLP extension that looks for any secret exposures (with the help of our signatures) within user prompts before they are submitted to chatGPT. The user can decide whether to prevent the prompt from being submitted or continue with it, thus helping prevent secrets from accidentally being trained in the datasets.
The extension uses Manifest version 2 which is deprecated and hence Chrome is no longer accepting such submissions to the chrome web store. While the version is deprecated, it should still work fine on the latest versions of Chrome as long as they continue to support it. In the long run, I plan on rewriting the code to make it compatible to Manifest version 3 and then launch it over Chrome Web Store.
No data is logged in any step or process of this extension making it completely safe for personal or enterprise use. Which also makes me want to state it here that the extension is completely free of cost and will not have any subscription involved for the time being.
Simply clone or download the repository and then head over to chrome://extensions/ and click on "Load unpacked" button. After that, just choose the directory containing the source code / project and it should now be imported onto your browser.
No additional steps are required after the installation. Just head over to chatGPT and use it like you always do. In case it detects any exposures it will inform you through a dialog box.
If you head to chrome://extensions/ you can either click on "Remove" button to uninstall the extension or click on "Details" button and toggle off the extension in case you would like to disable it.
Open the regexes.json file present in the repo folder which you earlier downloaded or cloned, add up new signatures or modify existing one and then head to chrome://extensions/ to finally click the reload button next to the toggle one.