STYX Guard — Enterprise AI Security

Tracking since Apr 22, 2026.

Changelog

• Jun 3, 2026
  description

  # STYX Guard — Chrome Store Full Description
  
  STYX Guard is an enterprise-grade data loss prevention (DLP) extension that gives security teams complete visibility and control over what sensitive data employees share with AI tools — without killing productivity.
  
  Built for organisations that have adopted ChatGPT, Claude, Gemini and other AI platforms but need to ensure sensitive data stays protected.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🔒 THE PROBLEM
  
  Employees share sensitive data with AI tools every day. Passwords. Customer PII. Credit card numbers. Source code. Confidential documents. Most organisations have zero visibility into what's being shared, with whom, and when.
  
  When a data leak happens through an AI tool, the average detection time is 194 days. By then the damage is done.
  
  STYX Guard fixes this.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  ⚡ HOW IT WORKS
  
  STYX Guard sits silently in the employee's browser, scanning every message before it reaches an AI tool. When sensitive content is detected, the extension enforces the organisation's security policy in real time.
  
  Four enforcement modes give administrators granular control:
  
  🚫 HARD BLOCK — Prevents the message from sending. Employee sees a clear notification. The violation is logged with full context.
  
  ⚠️ WARN — Shows a warning and lets the employee decide. If they proceed, it is logged. Creates accountability without blocking productivity.
  
  ████ REDACT — Automatically replaces sensitive content with ████ blocks before the message sends. Employee stays productive. Data stays safe.
  
  👁️ SILENT LOG — Allows the message through and logs the violation invisibly. Perfect for monitoring without disrupting workflow.
  
  Rules can be applied organisation-wide, to specific groups, or to individual users. Finance teams get stricter PII rules. Contractors get additional restrictions. Engineering teams have different policies from HR.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🛡️ WHAT IT PROTECTS AGAINST
  
  PII DETECTION
  • Social Security Numbers
  • Aadhaar Numbers (India)
  • Credit card numbers (all major formats)
  • Phone numbers (US and international)
  • Email addresses
  • Custom identifiers via regex
  
  CUSTOM KEYWORDS
  • Passwords
  • API keys and tokens
  • Private keys
  • Internal project names
  • Confidential and proprietary terms
  • Client names and codes
  
  FILE UPLOADS
  • Blocks drag-and-drop uploads
  • Blocks copy-paste of images and files
  • Hides upload buttons entirely
  • Logs all bypass attempts
  
  CODE PATTERNS
  • SQL injection patterns
  • Credentials in code
  • Database schemas
  • AWS keys, JWT tokens
  • Custom regex patterns for industry-specific data
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🌐 SUPPORTED AI PLATFORMS
  
  Currently supported:
  ✅ Claude (claude.ai)
  ✅ ChatGPT (chatgpt.com)
  ✅ Google Gemini (gemini.google.com)
  
  Coming soon:
  🔄 Microsoft Copilot
  🔄 DeepSeek
  🔄 Perplexity
  
  Plus any custom LLM via URL configuration. Add internal AI tools, private deployments, or any new AI platform that emerges.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  👥 ENTERPRISE FEATURES
  
  ADMIN CONSOLE
  A dedicated web dashboard at app.hellm.io provides administrators with complete control:
  
  • Real-time violations feed with user attribution
  • Full audit trail including original and redacted content
  • User and group management with role-based access
  • Per-user, per-group, and organisation-wide rule scoping
  • LLM access control (allow, warn, block, redirect)
  • Security posture score
  • Top keywords and LLM breakdown charts
  • CSV export for compliance reporting
  • Backend search across all violations
  
  USER MANAGEMENT
  • Admin invites users via email
  • Automated onboarding with temporary passwords
  • Password reset flow via email
  • Force password change on first login
  • Suspend or remove users instantly
  • Track last login and activity
  
  EXTENSION-ONLY ACCOUNTS
  Regular employees receive extension-only accounts. They cannot access the admin console, cannot disable protection, and cannot modify security policies. All control stays with the administrator.
  
  REAL-TIME POLICY SYNC
  Policy changes in the console propagate to all employees within minutes. No need to push updates. No need for employees to reinstall.
  
  DESKTOP NOTIFICATIONS
  Employees receive desktop notifications when violations occur, ensuring they understand the security policy in real time.
  
  RIGHT-CLICK SCAN
  Select any text on any webpage, right-click, and scan with STYX Guard. See which rules would trigger before pasting into an AI tool.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🔐 PRIVACY AND SECURITY
  
  STYX Guard is built with privacy as a first principle:
  
  • Only monitors configured AI platform domains
  • Has no access to any other websites employees visit
  • Captures only 200-character snippets of messages that trigger rules
  • Never records complete conversations
  • All data stays within the organisation's own backend
  • Open source extension code is fully auditable
  • Built on Manifest V3 — the most secure Chrome extension standard
  • Encrypted communication via HTTPS with SSL/TLS 1.2+
  • JWT-based authentication with session expiry
  • Password hashing with bcrypt
  
  WHAT WE DON'T DO
  • We do not sell your data
  • We do not serve ads
  • We do not share with third parties for commercial purposes
  • We do not track browsing history outside AI platforms
  • We do not access files or documents beyond the detection layer
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🚀 GETTING STARTED
  
  For Administrators:
  1. Sign up for a free STYX account at hellm.io
  2. Invite your team via the Console
  3. Set up your security rules (templates provided)
  4. Employees receive installation emails automatically
  
  For Employees:
  1. Receive the welcome email from your organisation
  2. Install STYX Guard from the Chrome Web Store
  3. Log in with the credentials provided in the email
  4. Protection starts immediately
  
  Zero configuration required. Zero friction for end users.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  💼 WHO STYX IS FOR
  
  Security teams who need visibility over AI tool usage. IT administrators deploying AI governance policies. Compliance teams meeting GDPR, HIPAA, SOC2, and ISO 27001 requirements. Organisations adopting AI tools without an existing security framework. Companies that want to enable AI productivity safely rather than blocking AI tools entirely.
  
  Industries we serve include financial services, healthcare, legal, government, technology, e-commerce, consulting, and any organisation handling sensitive customer data.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  📊 USE CASES
  
  FINANCIAL SERVICES
  Prevent credit card numbers, account numbers, and customer PII from reaching AI tools. Maintain PCI compliance while enabling employees to use AI for productivity.
  
  HEALTHCARE
  Block patient identifiers, medical record numbers, and HIPAA-protected information from AI platforms. Enable clinicians to use AI for admin tasks without violating patient privacy.
  
  LEGAL
  Protect client confidentiality, case details, and privileged communications. Let lawyers use AI for research while keeping client data secure.
  
  TECHNOLOGY
  Prevent source code, API keys, database credentials, and architecture diagrams from leaking through AI coding assistants. Allow developers to use AI productively without compromising IP.
  
  GOVERNMENT
  Block classified information, personal data of citizens, and sensitive government records. Enable AI adoption in public sector while meeting strict data protection requirements.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🎯 WHY STYX
  
  REAL-TIME PROTECTION
  Unlike periodic audits or after-the-fact monitoring, STYX acts before data leaves your organisation. Prevention beats detection.
  
  POLICY-DRIVEN
  Rules are defined once by administrators and enforced consistently across every employee and every AI tool. No training required.
  
  PRODUCTIVE BY DESIGN
  Redaction mode keeps employees productive by automatically cleaning sensitive data rather than blocking them entirely. The AI tool still works, it just works safely.
  
  VENDOR-NEUTRAL
  STYX works with any AI tool your organisation uses. Not locked to a specific provider. Add new platforms as they emerge.
  
  SIMPLE TO DEPLOY
  No complex integration, no SSO configuration required for v1, no infrastructure changes. Install the extension, configure your rules, done.
  
  TRANSPARENT
  Every violation is logged with full context. Administrators always know what data was at risk, who was involved, and what the system did about it.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  📈 ROADMAP
  
  Coming soon:
  • Support for Microsoft Copilot, DeepSeek, and Perplexity
  • Single sign-on (SSO) integration with Google Workspace
  • Chrome Enterprise managed deployment
  • Webhook and SIEM integrations
  • File content scanning (uploaded document analysis)
  • Advanced reporting and analytics
  • Multi-region data residency options
  • Mobile companion apps for policy management
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  🔗 LINKS AND SUPPORT
  
  Website: https://hellm.io
  Admin Console: https://app.hellm.io
  Privacy Policy: https://hellm.io/privacy
  Support: [email protected]
  GitHub: https://github.com/X-0rigin/heLLM
  
  For enterprise inquiries, custom deployments, or demo requests, contact us at [email protected]. We typically respond within one business day.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  STYX Guard — Nothing passes without permission.
  
  Built by heLLM for organisations that take AI security seriously.

  Your team uses ChatGPT. They use Claude. They use Gemini. 
  And they're pasting customer data, API keys, source code, 
  and passwords into these tools without thinking twice.
  
  STYX Guard catches it before it leaves your browser.
  
  WHAT STYX DOES
  
  When an employee types something sensitive into an AI tool, 
  STYX intercepts it. You decide what happens next — block 
  the message, warn the user, redact the data automatically, 
  or log it silently. All four options are available per rule.
  
  Set rules once. They apply across every AI tool your team 
  uses. No training, no friction, no productivity hit.
  
  WHAT GETS DETECTED
  
  Out of the box, STYX detects:
  - Credit card numbers, SSNs, Aadhaar, phone numbers
  - Passwords, API keys, JWT tokens, AWS credentials
  - Custom keywords and regex patterns you define
  - File uploads (blocks drag-and-drop, paste, and attach)
  
  WHICH AI TOOLS
  
  Today: Claude (claude.ai), ChatGPT (chatgpt.com), 
  Gemini (gemini.google.com)
  
  Coming soon: Microsoft Copilot, DeepSeek, Perplexity
  
  Or add any custom LLM by URL — internal AI tools, 
  private deployments, or new platforms as they launch.
  
  HOW IT'S USED
  
  Admins set up rules at app.hellm.io. The dashboard shows 
  every violation in real time — who triggered it, on which 
  tool, with what content. Rules can apply to your whole org, 
  a specific team like Finance, or individual users.
  
  Employees install STYX, log in once with the credentials 
  from their welcome email, and they're protected. They 
  can't disable it, can't see other people's data, can't 
  modify policies. Everything stays in the admin's control.
  
  PRIVACY
  
  STYX only runs on AI platform domains. Nothing else. 
  We don't track browsing history, don't sell data, don't 
  serve ads, don't share with third parties. Only 
  200-character snippets of flagged messages are captured. 
  Full conversations are never recorded.
  
  The extension is built on Manifest V3 — Chrome's most 
  secure standard. All traffic is HTTPS, passwords are 
  bcrypt-hashed, authentication is JWT-based.
  
  WHO IT'S FOR
  
  Security teams worried about AI data leaks. IT admins 
  rolling out AI governance. Compliance officers meeting 
  HIPAA, GDPR, PCI-DSS, SOC2. Companies that want to enable 
  AI productivity without giving up control.
  
  We work with financial services, healthcare, legal, 
  government, tech, e-commerce, and consulting firms.
  
  GETTING STARTED
  
  Free to use. No credit card needed.
  
  1. Sign up at hellm.io
  2. Invite your team from the dashboard
  3. Set up your rules (templates included)
  4. Done
  
  Questions? [email protected] — we respond within a day.
  
  Website: www.hellm.io
  Admin Console: awww.pp.hellm.io  
  Privacy: www.hellm.io/privacy
  
  STYX Guard — nothing passes without permission.
  Built by heLLM.

• Jun 3, 2026
  short_description

  Enterprise AI security — scan prompts, block sensitive data and enforce policies across ChatGPT, Claude, Gemini and more.

  Stop employees from leaking sensitive data to ChatGPT, Claude, and Gemini. Real-time DLP for AI tools.

Permissions & access

Permissions

storagetabsactiveTabscriptingalarmsidentityidentity.emailnotificationscontextMenus

Host access

<all_urls>

Screenshots