Aegis OmniGuard

About

Aegis OmniGuard - Local Input Scanner for AI Chatbots

Aegis OmniGuard is a browser-based input scanner that detects sensitive data patterns (credit card numbers, API keys, crypto mnemonics, etc.) in text you type or paste, and alerts you before submission.

COMMON SCENARIOS
Developers and everyday users often accidentally include sensitive data when using AI chat tools:
- A credit card number copied from a support ticket
- An API key (sk-proj-..., AKIA...) left in a code snippet
- A crypto wallet mnemonic phrase in a note
- A .env file containing DATABASE_URL=...

HOW IT WORKS
1. The extension monitors input fields and contenteditable elements on web pages
2. When you type, paste, or click a send button, the text is scanned locally using pattern matching and algorithmic verification
3. If sensitive data is detected, the extension shows an in-page notification and masks the detected content
4. No data ever leaves your browser — all scanning runs 100% offline

HOW TO TEST (try it yourself)
1. Install the extension and ensure the protection toggle is ON (click the extension icon to check)
2. Open any AI chatbot website (e.g., chatgpt.com or claude.ai)
3. Paste the following test credit card number into the chat input: 4111 1111 1111 1111
4. Press Enter or click the Send button
5. You will see a shield notification appear and the number will be masked with asterisks
6. Click the extension icon → Logs tab to see the interception record

DETECTION METHODS
- Credit Cards: Regex pre-filter + Luhn checksum verification (random 16-digit numbers are not flagged)
- Crypto Mnemonics: BIP-39 wordlist matching against the standard 2048-word list (12 or 24 consecutive words required)
- Private Keys: Hexadecimal pattern matching + Shannon entropy analysis
- API Keys: Pattern matching for known formats — OpenAI (sk-proj-...), Anthropic (sk-ant-...), AWS (AKIA...), GitHub (ghp_.../gho_...), Google AI (AIza...)
- .env Secrets: KEY=VALUE format detection
- PII: Chinese ID cards (18-digit with checksum), phone numbers, email addresses

KEY FEATURES
- Two-Pass Detection: Fast regex pre-filter followed by algorithmic verification to reduce false positives
- Modern UI Compatibility: Works with contenteditable elements used by ChatGPT, Claude, and similar chat interfaces
- Shadow DOM Notification: In-page alerts are isolated via Shadow DOM to avoid CSS conflicts
- Three Protection Levels: Low (high-confidence only) / Medium (recommended) / High (aggressive)
- Domain Whitelist: Disable scanning on trusted domains you specify
- Intercept Logs: View a history of detected and masked items

NEW IN v0.2.0
- Web3 Transaction Guard: Analyzes wallet transactions (MetaMask, etc.) before you sign, showing risk breakdown
- Multi-Chain Detection: Bitcoin, Ethereum, Solana, Tron private key and address detection
- BYOK AI Analysis: Optionally use your own OpenAI/Anthropic/DeepSeek API key for deep transaction risk analysis (off by default, no data sent unless you enable it)
- Bilingual Interface: Full English and Chinese language support
- Enhanced Detection: Improved false-positive reduction and wider API key format coverage

NEW IN v0.3.0
- AI Output Scanner: Scans ChatGPT, Claude, and Gemini responses for phishing URLs, fake crypto addresses, backdoored code patterns, and prompt injection attacks. No other tool protects what AI sends BACK to you.
- Clipboard Guard: Detects clipboard hijacking malware (StilachiRAT, ClipBanker) that silently swaps crypto addresses when you paste. Supports ETH, BTC (Legacy + Bech32), SOL, and TRON addresses.
- Security Skills: Two standalone CLI security scanners (openclaw-audit for AI Agent plugin vetting, aegis-scan for project secret scanning) available on GitHub.


PRIVACY
- All scanning runs 100% locally in your browser
- Zero network requests for scanning — no data is sent to any server
- No telemetry, analytics, or tracking of any kind
- Open source under MIT License — inspect every line of code

PERMISSIONS EXPLAINED
- "storage": Saves your settings and intercept logs locally
- "activeTab": Allows the content script to scan the current page
- "<all_urls>" in content_scripts: Required because AI chatbots are hosted on many different domains; restricting to specific domains would leave users unprotected on new or lesser-known AI services

OPEN SOURCE
GitHub: https://github.com/bidaiAI/aegis-omniguard
Website: https://aegis-web4.com
Twitter/X: @bidaoofficial