{"id":37230636,"url":"https://github.com/gautamjkr/safe-paste","last_synced_at":"2026-01-15T03:39:29.771Z","repository":{"id":332088014,"uuid":"1129249205","full_name":"gautamjkr/safe-paste","owner":"gautamjkr","description":"šŸ›”ļø A privacy-first Chrome extension that intercepts clipboard data to redact PII (emails, keys, CCs) before pasting into AI assistants like ChatGPT \u0026 Gemini. 100% local, zero-leakage \"privacy firewall.\"","archived":false,"fork":false,"pushed_at":"2026-01-12T11:17:18.000Z","size":1241,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-12T19:04:00.879Z","etag":null,"topics":["browser-extension","chatgpt","chrome-extension","cybersecurity","data-protection","gemini","pii-redaction","privacy","privacy-tools","react","security","typescript"],"latest_commit_sha":null,"homepage":"https://gautamjkr.github.io/safe-paste/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gautamjkr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-06T20:28:58.000Z","updated_at":"2026-01-12T11:13:10.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/gautamjkr/safe-paste","commit_stats":null,"previous_names":["gautamjkr/safe-paste"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/gautamjkr/safe-paste","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gautamjkr%2Fsafe-paste","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gautamjkr%2Fsafe-paste/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gautamjkr%2Fsafe-paste/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gautamjkr%2Fsafe-paste/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gautamjkr","download_url":"https://codeload.github.com/gautamjkr/safe-paste/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gautamjkr%2Fsafe-paste/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28442310,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-15T00:55:22.719Z","status":"online","status_checked_at":"2026-01-15T02:00:08.019Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["browser-extension","chatgpt","chrome-extension","cybersecurity","data-protection","gemini","pii-redaction","privacy","privacy-tools","react","security","typescript"],"created_at":"2026-01-15T03:39:29.220Z","updated_at":"2026-01-15T03:39:29.763Z","avatar_url":"https://github.com/gautamjkr.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# šŸ”’ SafePaste - Privacy-First AI Clipboard Layer\n\n\u003e **Intercept, analyze, and redact PII/secrets before pasting into AI assistants (ChatGPT, Gemini, etc.)**\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![Version](https://img.shields.io/badge/version-v0.1.0--beta-green.svg)](https://github.com/gautamjkr/safe-paste)\n[![React](https://img.shields.io/badge/React-18+-61dafb.svg)](https://reactjs.org/)\n[![TypeScript](https://img.shields.io/badge/TypeScript-5+-blue.svg)](https://www.typescriptlang.org/)\n\n**šŸ“– [Documentation Website](https://gautamjkr.github.io/safe-paste/)** | **šŸ“š [GitHub Wiki](https://github.com/gautamjkr/safe-paste/wiki)**\n\n---\n\n## šŸŽÆ Overview\n\n**SafePaste** is a privacy-first Chrome extension that uses **aggressive client-side PII detection** to identify and redact sensitive information before it reaches AI text areas. It gives users granular control over what gets pasted, with an opt-in keyboard shortcut for maximum privacy.\n\n### The Problem\n\nWhen using AI assistants like ChatGPT or Google Gemini, users often paste sensitive information (phone numbers, emails, credit cards, API keys, passwords, etc.). **This data is sent to third-party AI services**, potentially violating privacy regulations (GDPR, HIPAA, etc.) and creating security risks.\n\n### The Solution\n\nSafePaste acts as a **privacy firewall** between your clipboard and AI assistants:\n- **Opt-in via Keyboard Shortcut**: Use `Ctrl+Alt+V` (or `Cmd+Alt+V` on Mac) to trigger SafePaste\n- **Aggressive Detection**: Comprehensive regex patterns detect 25+ types of sensitive data\n- **Client-side Processing**: All detection happens locally in your browser\n- **Granular Control**: Three paste options - Mask All, Paste Original, or Custom Select\n- **100% Local**: No external API calls, no data transmission, no storage\n\n![SafePaste in Action](assets/safepaste-chatgpt-demo.png)\n\n---\n\n## šŸ›”ļø Key Features\n\nāœ… **Opt-in design** - Normal paste (`Ctrl+V`) works normally \nāœ… **25+ entity types detected** - Phone, email, credit cards, API keys, passwords, private keys, and more \nāœ… **100% local processing** - All detection happens in your browser \nāœ… **No external libraries** - Self-contained detection logic for maximum security \nāœ… **Chrome Web Store compliant** - Self-contained, minimal permissions \nāœ… **Granular control** - Choose which entities to redact via Custom Select \n\n---\n\n## šŸš€ Quick Start\n\n### Prerequisites\n\n- **Node.js 20+** and npm\n- **Chrome/Chromium browser**\n\n### Installation\n\n```bash\n# 1. Clone the repository\ngit clone https://github.com/gautamjkr/safe-paste.git\ncd safe-paste\ngit checkout main\n\n# 2. Install dependencies\nnpm install\n\n# 3. Build the extension\nnpm run build\n```\n\n### Load in Chrome\n\n1. Open `chrome://extensions/`\n2. Enable **Developer mode** (top right)\n3. Click **Load unpacked**\n4. Select the `dist` folder\n\n---\n\n## šŸ“– Usage\n\n### Keyboard Shortcuts\n\n| Shortcut | Action |\n|----------|--------|\n| `Ctrl+V` / `Cmd+V` | Normal paste (works as usual) |\n| `Ctrl+Alt+V` / `Cmd+Alt+V` | SafePaste (triggers PII detection) |\n\n### Basic Workflow\n\n1. Navigate to ChatGPT (`chatgpt.com`) or Gemini (`gemini.google.com`)\n2. Click in a text area to focus it\n3. Copy content containing PII to your clipboard\n4. Press `Ctrl+Alt+V` (or `Cmd+Alt+V` on Mac) to trigger SafePaste\n5. Ghost Overlay appears showing detected entities\n6. Choose:\n - **Paste Masked**: Redact all detected entities\n - **Paste Original**: No redaction\n - **Custom Select**: Choose which entities to redact\n\n### Example\n\n**Input:**\n```\nMy phone number is +1-555-123-4567. \nEmail: example@mail.com\nCredit card: 4532-1234-5678-9010\n```\n\n**Masked Output:**\n```\nMy phone number is \u003cPHONE_NUMBER_1\u003e. \nEmail: \u003cEMAIL_ADDRESS_1\u003e\nCredit card: \u003cCREDIT_CARD_1\u003e\n```\n\n---\n\n## šŸ“Š Detected Entity Types\n\nThe aggressive PII detector can identify **25+ types** of sensitive information:\n\n**Personal Information**: Phone numbers, emails, SSNs, passport numbers, driver licenses, dates of birth, person names\n\n**Financial Information**: Credit cards, bank accounts, IBANs, SWIFT codes, Bitcoin/Ethereum addresses\n\n**Network \u0026 System**: IP addresses (IPv4/IPv6), MAC addresses, URLs\n\n**Security \u0026 Authentication**: API keys (Stripe, AWS, Google), passwords, JWT tokens, AWS keys, private keys (RSA, DSA, EC, OpenSSH, PGP)\n\n**Other**: UUIDs, dates, locations (addresses, ZIP codes, coordinates)\n\n\u003e šŸ“š **For detailed information about the detection engine, see the [GitHub Wiki](https://github.com/gautamjkr/safe-paste/wiki)**\n\n---\n\n## šŸ” Security\n\n### What SafePaste Does\n\nāœ… Opt-in keyboard shortcut for SafePaste \nāœ… Aggressive PII detection with 25+ entity types \nāœ… 100% local processing in your browser \nāœ… Never sends data to external servers \nāœ… Never stores data in databases \nāœ… No external libraries - self-contained \nāœ… Chrome Web Store compliant \n\n### What SafePaste Doesn't Do\n\nāŒ Intercept normal paste operations \nāŒ Store raw secrets or PII \nāŒ Send data to third-party services \nāŒ Make external API calls \nāŒ Require backend infrastructure \nāŒ Track user behavior \n\n---\n\n## šŸ› ļø Development\n\n### Project Structure\n\n```\nsafepaste/\nā”œā”€ā”€ src/\nā”‚ ā”œā”€ā”€ contentScript.tsx # Main content script\nā”‚ ā”œā”€ā”€ piiDetector.ts # Client-side PII detection\nā”‚ ā”œā”€ā”€ background.ts # Background service worker\nā”‚ ā”œā”€ā”€ overlayMount.tsx # Overlay mounting logic\nā”‚ ā””ā”€ā”€ overlay/\nā”‚ ā””ā”€ā”€ GhostOverlay.tsx # Overlay UI component\nā”œā”€ā”€ dist/ # Built extension\nā”œā”€ā”€ manifest.json\nā””ā”€ā”€ package.json\n```\n\n### Commands\n\n```bash\nnpm run dev # Development mode (watch for changes)\nnpm run build # Build for production\n```\n\n### Tech Stack\n\n- **Extension**: React 18, TypeScript, Vite, Tailwind CSS\n- **PII Detection**: Client-side regex patterns and heuristics\n- **Build Tool**: Vite\n\n---\n\n## šŸ› Troubleshooting\n\n**Extension not working?**\n- Check extension is enabled in `chrome://extensions`\n- Verify you're on a supported site (`chatgpt.com` or `gemini.google.com`)\n- Use `Ctrl+Alt+V` (not just `Ctrl+V`)\n- Check browser console for errors (F12)\n\n**Detection not working?**\n- The detector uses aggressive patterns and may have false positives\n- Very short or unusual formats may not be detected\n- Prioritizes privacy protection over perfect accuracy\n\n---\n\n## šŸ“š Resources\n\n- **šŸ“– [Documentation Website](https://gautamjkr.github.io/safe-paste/)** - Complete documentation and examples\n- **šŸ“š [GitHub Wiki](https://github.com/gautamjkr/safe-paste/wiki)** - Technical details, detection engine, and architecture\n- **šŸ› [Report Issues](https://github.com/gautamjkr/safe-paste/issues)** - Found a bug? Let us know!\n\n---\n\n## šŸ“ License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n---\n\n## šŸŽÆ Roadmap\n\n- [ ] Support for more AI platforms (Claude, Perplexity, etc.)\n- [ ] Custom entity recognizers (user-defined patterns)\n- [ ] Multi-language support\n- [ ] Browser extension for Firefox/Edge\n- [ ] Configurable detection sensitivity levels\n\n---\n\n**Built with šŸ”’ for privacy-first AI interactions.**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgautamjkr%2Fsafe-paste","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgautamjkr%2Fsafe-paste","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgautamjkr%2Fsafe-paste/lists"}