Remura

Detects hidden prompt injection attacks embedded in web pages — protecting your AI agent from being hijacked.

As of July 2026, Remura has users in the Privacy & Security category.

Usersno change0%
Ratingno change0%
— reviews
Reviewsno change0%
Version
0.1.0
Manifest V3

History

1 snapshots

Tracking since Jul 3, 2026.

Not enough history yet for this metric — the chart fills in as we collect more snapshots.
View as table
DateUsersRatingReviewsVersion
Jul 3, 20260.1.0
Now0.1.0

Permissions & access

Permissions
storagetabsnotifications
Host access
<all_urls>

Screenshots

Remura screenshot 1

About

Remura - AI Agent Prompt Injection Detector

Remura silently scans every page you visit for hidden prompt injection attacks, malicious instructions embedded in web pages that attempt to hijack AI agents browsing on your behalf.

How it works
When a page loads, Remura scans the DOM for 8 types of hidden instruction techniques: invisible text, off-screen elements, color-matched text, tiny fonts, aria-hidden abuse, HTML comments, suspicious meta tags, and CSS content injection.

If injections are found, a blocking overlay appears with a 30-second countdown. A human can click "I acknowledge this risk" to dismiss it. An AI agent cannot when the timer expires, a desktop alert fires and the page stays blocked.

What it detects
• Instruction overrides ("ignore previous instructions", "new instructions")
• Role manipulation ("you are now", "act as")
• Data exfiltration commands ("send conversation to", "reveal system prompt")
• Action hijacking ("instead output", "do not complete")

Zero data collection. All scanning happens locally in your browser. Nothing leaves your device.

Technical

Version
0.1.0
Manifest
V3
Size
16.63KiB
Min Chrome
88
Languages
1
Featured
No

Metadata

ID
fcmjdahpibmhnjkjlkgblahinbdmajbj
Developer ID
u7c8660912d652ca354405c699c137a63
Developer Email
[email protected]
Created
Jul 2, 2026
Last Updated (Store)
Jul 2, 2026
Last Scraped
Jul 3, 2026
Website

Data sourced from the Chrome Web Store · last verified Jul 3, 2026.