GitHub - PAndreew/vigil_vite

Vigil DLP

Client-Side Data Loss Prevention for the AI Era

Vigil DLP is an open-source browser extension that acts as a firewall between your sensitive data and AI chatbots currently in Public Alpha. It intercepts pasted text content and (to some degree) file uploads, scans them for PII (Personally Identifiable Information) and other forms of sensitive data (like API keys), and allows you to redact sensitive data before it leaves your browser.

🎨 Features

• Real-time Interception: Automatically detects when you paste text or upload files to supported sites. The following sites have been tested for pasted text content:
  • grok.com
  • chatgpt.com
  • aistudio.google.com
  • claude.ai
  • chat.qwen.ai
  • mistral.ai
• Smart Redaction: Identifies Emails, Credit Cards, SSNs, API Keys, and custom Regex patterns.
• File Scanning (Limited): "Peeks" into uploaded text/code files (CSV, JSON, PY, TS, TXT) to detect secrets before upload. File scanning works for:
  • mistral.ai
  • chat.qwen.ai
• Granular Control:
  • Redact: Replace sensitive data with placeholders that keep the structure of the original. For example +361513734 becomes +00000000.
  • Original: Bypass the filter for non-sensitive contexts.
  • Cancel: Block the action entirely.
• Privacy First: All scanning happens locally in the browser. Your data is never sent to a cloud server for analysis.

💻 Installation

Vigil is built with React, TypeScript, and Vite.

1. Clone the repository

   git clone https://github.com/yourusername/vigil_vite.git
   cd vigil_vite

2. Install dependencies

3. Build the extension

4. Load into Edge/Chrome

   • Open Edge/Chrome and navigate to edge/chrome://extensions.
   • Enable Developer mode in Edge (toggle on the left pane).
   • Click Load unpacked.
   • Select the dist folder generated by the build step.

⚙️ Configuration

1. Protecting Sites: Click the Vigil extension icon in your toolbar. Add domains you want to monitor (e.g., chatgpt.com, claude.ai, github.com).
2. Hotkeys:
   • Alt + R: Confirm Redaction (Paste Modified).
   • Alt + O: Paste Original (Bypass).
   • Esc: Cancel Paste/Upload.

🛣️ Project Roadmap

Vigil is currently in Public Alpha. We are committed to keeping the core browser extension open-source and free for individuals. Future Development Roadmap:

• (!Partially) Local Sensitive Data Detection (API key, Email, Phone, CC)

• (!Partially) File Upload Scanning

• Scan Uploaded Images

• Custom Regex Rule Builder (UI)

• Logging

• Team Management (Centralized Policy Administration) *

• Compliance Reporting (Audit Logs & Analytics) *

*These features might be part a future "Vigil for Business" self-hosted/managed offering to support the project's sustainability. Interested in using Vigil? We are looking for early design partners to help shape the business features. Email us to chat.

🐛 Bugs

Due to the browsers' highly event-driven nature and the plethora of frameworks employed for web development it is quite tricky to build robust features that work across the large majority of AI chatbot platforms. Currently it seems that the tool messes with AI Studio's (Google) paste functionality but we have to investigate that. Please if you find any bugs open an issue.

🤝 Contributing

We welcome contributions! If you do so, please:

1. Fork the Project
2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
3. Commit your Changes (git commit -m 'Add some AmazingFeature')
4. Push to the Branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

📄 License

This project is licensed under the GNU Affero General Public License v3.0 (AGPLv3).

• Personal Use: Free to use and modify.
• Commercial Use: If you modify this software and provide it as a service (internally or externally), you must make the source code available.

For a commercial license that exempts you from AGPL obligations and grants access to (upcoming) Enterprise features, please contact us.

Built with ❤️ for privacy.